CVE-2022-0867 Scanner
Detects an SQL Injection (SQLi) vulnerability in the Pricing Table plugin for WordPress, affecting versions before 3.6.1.
Short Info
Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 sec
Time Interval: 744 sec
Scan only one: Domain, IPv4
Toolbox: -
The Pricing Table WordPress plugin is a popular tool used to create pricing tables for websites. This plugin allows website owners to easily display their products or services with multiple pricing options in an organized manner. The plugin offers a variety of features that can help businesses increase their sales and attract more customers. With its user-friendly interface and customization options, the Pricing Table plugin is a must-have for WordPress users who want to showcase their offerings in an appealing way.
However, the plugin suffers from a critical vulnerability, tracked as CVE-2022-0867. The vulnerability arises from the plugin's failure to properly sanitize and escape user-supplied POST data. This leaves the plugin exposed to SQL injection attacks, which can be used to execute arbitrary code on the server, potentially leading to a complete compromise of the website.
If the vulnerability is successfully exploited, hackers can gain access to sensitive data, such as customer information and payment details. They can use the vulnerability to inject malicious code into the server, which can lead to serious consequences, including the exposure of confidential data and damage to a business's reputation.
Thanks to the pro features of the s4e.io platform, readers of this article can quickly and easily learn about vulnerabilities in their digital assets. The platform provides comprehensive vulnerability scanning and testing that identifies all potential security issues. This service is a must-have for any website owner who wants to ensure the security of their online presence. Don't risk your business and website security; get the protection the s4e.io platform provides.