Skip to content

NuytsTech Security

  • Home
  • Terms of Use
    • Privacy Policy
  • Blog
  • Cloud Hosting
  • Updates
  • Contact

NuytsTech Security

  • Home
  • Terms of Use
    • Privacy Policy
  • Blog
  • Cloud Hosting
  • Updates
  • Contact
  • Vulnerabilities

CVE-2022-0817

by Fred · 09/05/2022

The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users

Date published : 2022-05-09

https://wpscan.com/vulnerability/69263610-f454-4f27-80af-be523d25659e

Share this:

  • Twitter
  • Facebook

Related

Tags: Cybersecurity Alert

Follow us

  • Next story CVE-2022-1397
  • Previous story CVE-2022-28470

Current cyberalert

Recent Posts

  • CVE-2022-31261
  • CVE-2022-30843
  • CVE-2022-30842
  • CVE-2022-30839
  • CVE-2022-30838
  • CVE-2022-30837
  • CVE-2022-30464
  • CVE-2022-30463
  • CVE-2022-30462
  • CVE-2022-30461
  • CVE-2022-30460
  • CVE-2022-30459
  • CVE-2022-30458
  • CVE-2022-30456
  • CVE-2022-30455
  • CVE-2022-30454
  • CVE-2022-29567
  • CVE-2022-29249
  • CVE-2022-29246
  • CVE-2022-29242
  • CVE-2022-29237
  • CVE-2022-29223
  • CVE-2022-29221
  • CVE-2022-29219
  • CVE-2022-29217
  • CVE-2022-26532
  • CVE-2022-26531
  • CVE-2022-22495
  • CVE-2022-22309
  • CVE-2022-22306

Categories

  • Critical cyberalert
  • Vulnerabilities

Tags

CISA Cyberalert Cybersecurity Alert Russia Shields Up Ukraine

© 2020-2022 NUYTSTECH. All Rights Reserved. Use of the CVE (Common Vulnerabilities and Exposures) from this non-profit website are subject to the terms of use.