CVE-2022-0781 Scanner
Detects 'SQL Injection' vulnerability in Nirweb support plugin for Wordpress affects v. before 2.8.2.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month
Scan only one
Domain, IPv4
Toolbox
-
The Nirweb support plugin for WordPress is a tool designed to provide users with support for their websites. This plugin enables users to submit support requests, track tickets, and view support history, all from within the WordPress platform. The Nirweb support plugin is widely used and popular amongst WordPress users and website owners.
Recently, a vulnerability has been detected in the Nirweb support plugin, known as CVE-2022-0781. This vulnerability allows unauthenticated users to inject arbitrary SQL commands through a parameter that has not been sanitized or escaped before being used in an SQL statement via an AJAX action. This vulnerability could lead to unauthorized access to sensitive data, including usernames, passwords, or other confidential information.
If an attacker successfully exploits this vulnerability, they can gain access to the database and retrieve or modify stored information. This could allow them to gain control of the website and cause damage to its reputation. The possibilities are endless, depending on the motive of the attacker.
In conclusion, the Nirweb support plugin issue highlights the importance of staying up-to-date with software releases and keeping your website secure from vulnerabilities. s4e.io is an excellent platform that can quickly and easily help you identify vulnerabilities in your websites, including the Nirweb support plugin. Don't wait to become a victim of cyber-attacks. Protect yourself today!
REFERENCES