WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

3xSocializer <= 0.98.22 - Subscriber+ SQLi

Description

The plugin does not sanitise and escape some parameter before using them in SQL statements, leading to SQL Injections

Affects Plugins

3xsocializer
No known fix - plugin closed

References

CVE
CVE-2022-29419

Classification

Type

SQLI

OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Original Researcher

Lenon Leite

Verified

No

WPVDB ID
25600f02-d9fd-4fc8-bab0-370791bc5b16

Timeline

Publicly Published

2022-04-25 (about 9 months ago)

Added

2022-04-25 (about 9 months ago)

Last Updated

2022-04-27 (about 9 months ago)

Our Other Services

WPScan WordPress Security Plugin