CVE-2022-2840

{"id": "CVE-2022-2840", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-09-19T14:15:11.000", "references": [{"url": "http://packetstormsecurity.com/files/168652/WordPress-Zephyr-Project-Manager-3.2.42-SQL-Injection.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "contact@wpscan.com"}, {"url": "https://wpscan.com/vulnerability/13d8be88-c3b7-4d6e-9792-c98b801ba53c", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "contact@wpscan.com"}, {"url": "http://packetstormsecurity.com/files/168652/WordPress-Zephyr-Project-Manager-3.2.42-SQL-Injection.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://wpscan.com/vulnerability/13d8be88-c3b7-4d6e-9792-c98b801ba53c", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "contact@wpscan.com", "description": [{"lang": "en", "value": "CWE-89"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections"}, {"lang": "es", "value": "El plugin Zephyr Project Manager de WordPress versiones anteriores a 3.2.5, no sanea ni escapa de varios par\u00e1metros antes de usarlos en sentencias SQL por medio de varias acciones AJAX disponibles para usuarios autenticados y no autenticados, conllevando a inyecciones SQL"}], "lastModified": "2024-11-21T07:01:47.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:zephyr-one:zephyr_project_manager:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "989B933B-8206-43E2-B089-E706F3800F62", "versionEndExcluding": "3.2.5"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}