"-Synchronized-Data."

2025-05-08 19:46:39 +00:00 · 2023-06-30 13:00:37 +00:00 · 2023-06-30 13:00:37 +00:00 · 07cf0c46dd
commit 07cf0c46dd
parent c857bffa1c
1 changed files with 76 additions and 71 deletions
--- a/2022/3xxx/CVE-2022-3150.json
+++ b/2022/3xxx/CVE-2022-3150.json
@ -1,14 +1,32 @@
 {
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2022-3150",
        "ASSIGNER": "contact@wpscan.com",
-    "STATE": "PUBLIC",
+        "STATE": "PUBLIC"
-    "TITLE": "WP Custom Cursors <= 3.0 - Admin+ SQLi"
+    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin"
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-89 SQL Injection"
                    }
                ]
            }
        ]
    },
  "data_format": "MITRE",
  "data_type": "CVE",
  "data_version": "4.0",
  "generator": "WPScan CVE Generator",
    "affects": {
        "vendor": {
            "vendor_data": [
@ -21,9 +39,9 @@
                                "version": {
                                    "version_data": [
                                        {
-                      "version_affected": "<=",
+                                            "version_affected": "<",
-                      "version_name": "3.0",
+                                            "version_name": "0",
-                      "version_value": "3.0"
+                                            "version_value": "3.2"
                                        }
                                    ]
                                }
@ -34,42 +52,29 @@
            ]
        }
    },
  "description": {
    "description_data": [
      {
        "lang": "eng",
        "value": "The WP Custom Cursors WordPress plugin through 3.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin"
      }
    ]
  },
    "references": {
        "reference_data": [
            {
        "refsource": "MISC",
                "url": "https://wpscan.com/vulnerability/bb0806d7-21e3-4a65-910c-bf0625c338ec",
                "refsource": "MISC",
                "name": "https://wpscan.com/vulnerability/bb0806d7-21e3-4a65-910c-bf0625c338ec"
            }
        ]
    },
-  "problemtype": {
+    "generator": {
-    "problemtype_data": [
+        "engine": "WPScan CVE Generator"
      {
        "description": [
          {
            "value": "CWE-89 SQL Injection",
            "lang": "eng"
          }
        ]
      }
    ]
    },
  "credit": [
    {
      "lang": "eng",
      "value": "Lana Codes"
    }
  ],
    "source": {
        "discovery": "EXTERNAL"
    },
    "credits": [
        {
            "lang": "en",
            "value": "Lana Codes"
        },
        {
            "lang": "en",
            "value": "WPScan"
        }
    ]
 }