diff --git a/2022/3xxx/CVE-2022-3150.json b/2022/3xxx/CVE-2022-3150.json index d888b423656..78559a4e9dd 100644 --- a/2022/3xxx/CVE-2022-3150.json +++ b/2022/3xxx/CVE-2022-3150.json @@ -1,75 +1,80 @@ { - "CVE_data_meta": { - "ID": "CVE-2022-3150", - "ASSIGNER": "contact@wpscan.com", - "STATE": "PUBLIC", - "TITLE": "WP Custom Cursors <= 3.0 - Admin+ SQLi" - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "generator": "WPScan CVE Generator", - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Unknown", - "product": { - "product_data": [ - { - "product_name": "WP Custom Cursors | WordPress Cursor Plugin", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_name": "3.0", - "version_value": "3.0" - } - ] - } - } - ] - } - } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The WP Custom Cursors WordPress plugin through 3.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin" - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "url": "https://wpscan.com/vulnerability/bb0806d7-21e3-4a65-910c-bf0625c338ec", - "name": "https://wpscan.com/vulnerability/bb0806d7-21e3-4a65-910c-bf0625c338ec" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "value": "CWE-89 SQL Injection", - "lang": "eng" - } + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2022-3150", + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin" + } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WP Custom Cursors | WordPress Cursor Plugin", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "3.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/bb0806d7-21e3-4a65-910c-bf0625c338ec", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/bb0806d7-21e3-4a65-910c-bf0625c338ec" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Lana Codes" + }, + { + "lang": "en", + "value": "WPScan" + } ] - }, - "credit": [ - { - "lang": "eng", - "value": "Lana Codes" - } - ], - "source": { - "discovery": "EXTERNAL" - } } \ No newline at end of file