CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-3860

The Visual Email Designer for WooCommerce WordPress plugin before 1.7.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.5%

CVSS Severity

CVSS v3 Score 8.8

References

https://wpscan.com/vulnerability/d99ce21f-fbb6-429c-aa3b-19c4a5eb7557
https://wpscan.com/vulnerability/d99ce21f-fbb6-429c-aa3b-19c4a5eb7557

Products affected by CVE-2022-3860

Smackcoders » Visual Email Designer For Woocommerce » Version: Any

cpe:2.3:a:smackcoders:visual_email_designer_for_woocommerce:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-3860

Products

Pricing

Contact Us