CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-4268

The Plugin Logic WordPress plugin before 1.0.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.9%

CVSS Severity

CVSS v3 Score 7.2

References

https://bulletin.iese.de/post/plugin-logic_1-0-7/
https://wpscan.com/vulnerability/bde93d90-1178-4d55-aea9-e02c4f8bcaa2
https://bulletin.iese.de/post/plugin-logic_1-0-7/
https://wpscan.com/vulnerability/bde93d90-1178-4d55-aea9-e02c4f8bcaa2

Products affected by CVE-2022-4268

Plugin Logic Project » Plugin Logic » Version: N/A

cpe:2.3:a:plugin_logic_project:plugin_logic:-
Plugin Logic Project » Plugin Logic » Version: 1.0.7

cpe:2.3:a:plugin_logic_project:plugin_logic:1.0.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4268

Products

Pricing

Contact Us