WordPress Plugin Vulnerabilities

Plugin for Google Reviews < 2.2.4 - Subscriber+ SQLi

Description

The plugin does not properly sanitise and escape the place_id parameter before using it in a SQL statement via the grw_overview_ajax AJAx action, leading to a SQL injection exploitable by any authenticated users, such as subscriber

Affects Plugins

Plugin icon
widget-google-reviews
Fixed in 2.2.4

References

CVE
CVE-2022-44580

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
7.7 (high)

Miscellaneous

Original Researcher
Rafie Muhammad
Verified
Yes
WPVDB ID
0d2d5d9d-46c1-4710-b87c-930b3645fe98

Timeline

Publicly Published
2023-03-15 (about 2 years ago)
Added
2023-03-15 (about 2 years ago)
Last Updated
2023-03-15 (about 2 years ago)

Other

Published
Title
Published
2025-05-19
Title
RSVPMarker < 11.5.7 - Authenticated (Contributor+) SQL Injection
Published
2025-04-14
Title
TS Poll – Survey, Versus Poll, Image Poll, Video Poll < 2.4.7 - Authenticated (Administrator+) SQL Injection via 's' Parameter
Published
2019-05-22
Title
WP Booking System < 1.5.2 - CSRF to Authenticated SQL Injection
Published
2026-03-02
Title
LatePoint < 5.2.8 - Authenticated (Administrator+) SQL Injection via JSON Import
Published
2016-11-28
Title
Product Catalog 8 1.2 - Unauthenticated SQL Injection