admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 02:31:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/CVE-2022-3254.md
之乎者也 9b390908af
Create CVE-2022-3254.md
2023-04-13 15:44:59 +08:00

1.4 KiB
Raw Blame History

WordPress plugin AWP Classifieds SQL injection vulnerability (CVE-2022-3254)

Vulnerability WordPress plugin AWP Classifieds SQL injection vulnerability (CVE-2022-3254)
Chinese name WordPress AWP Classifieds 插件 admin-ajax.php 文件 type 参数SQL注入漏洞CVE-2022-3254
CVSS core 9.8
FOFA Query (click to view the results directly) body="wp-content/plugins/another-wordpress-classifieds"
Number of assets affected 3526
Description WordPress plugin AWP Classifieds is a leading plug-in that quickly and easily adds classified ads sections to your WordPress website in minutes. WordPress plugin AWP Classifieds has an SQL injection vulnerability prior to 4.3, which is caused by the plugin's inability to escape the type parameter correctly. Attackers can exploit the vulnerability to obtain sensitive information such as user names and passwords.
Impact WordPress plugin AWP Classifieds has an SQL injection vulnerability prior to 4.3, which is caused by the plugin's inability to escape the type parameter correctly. Attackers can exploit the vulnerability to obtain sensitive information such as user names and passwords.