The Ubigeo de PerĂº para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2022-05-09T16:50:32

Updated: 2024-08-02T23:40:04.430Z

Reserved: 2022-03-01T00:00:00

Link: CVE-2022-0814

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-05-09T17:15:08.303

Modified: 2024-11-21T06:39:27.120

Link: CVE-2022-0814

cve-icon Redhat

No data.