Web Vulnerability Report
| ID | CVE-2022-3849 |
| CVSS 3.0 | 8.8 |
|
Cloudbric Score
?
|
High |
| Cloudbric Detection | Yes |
| Vulnerability Type | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
| Published Date | 2022-11-28 |
| Updated Date | 2023-02-03 |
| Vendor | ~1.5.3 |
| Description | The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin |
| Reference | https://wpscan.com/vulnerability/511327d3-499b-4ad9-8fd3-99f9f7deb4f5 |
| URL Link | https://nvd.nist.gov/vuln/detail/CVE-2022-3849 |
This vulnerability has been detected by Cloudbric!
Block NOW!
| ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
|---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now