Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2022-4681

Published: 06/02/2023 Updated: 07/11/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Wpwave

Vulnerability Summary

The Hide My WP WordPress plugin prior to 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

wpwave hide my wp

Exploits

Exploit DB: WordPress Hide My WP SQL Injection
WordPress Hide My WP plugin versions 629 and below suffer from an unauthenticated remote SQL injection vulnerability ...

References

https://wpscan.com/vulnerability/5a4096e8-abe4-41c4-b741-c44e740e8689https://nvd.nist.govhttps://packetstormsecurity.com/files/177519/WordPress-Hide-My-WP-SQL-Injection.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook