Search criteria
2 vulnerabilities found for personal_dictionary by ays-pro
CVE-2022-1013 (GCVE-0-2022-1013)
Vulnerability from nvd – Published: 2022-05-09 16:50 – Updated: 2024-08-02 23:47
VLAI
Title
Personal Dictionary < 1.3.4 - Unauthenticated SQLi
Summary
The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability.
Severity
No CVSS data available.
CWE
- CWE-89 - SQL Injection
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/eed70659-9e3e-42… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Personal Dictionary |
Affected:
1.3.4 , < 1.3.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Personal Dictionary",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.3.4",
"status": "affected",
"version": "1.3.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "cydave"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-09T16:50:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Personal Dictionary \u003c 1.3.4 - Unauthenticated SQLi",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-1013",
"STATE": "PUBLIC",
"TITLE": "Personal Dictionary \u003c 1.3.4 - Unauthenticated SQLi"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Personal Dictionary",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.3.4",
"version_value": "1.3.4"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "cydave"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-1013",
"datePublished": "2022-05-09T16:50:43.000Z",
"dateReserved": "2022-03-17T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:42.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1013 (GCVE-0-2022-1013)
Vulnerability from cvelistv5 – Published: 2022-05-09 16:50 – Updated: 2024-08-02 23:47
VLAI
Title
Personal Dictionary < 1.3.4 - Unauthenticated SQLi
Summary
The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability.
Severity
No CVSS data available.
CWE
- CWE-89 - SQL Injection
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/eed70659-9e3e-42… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Personal Dictionary |
Affected:
1.3.4 , < 1.3.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.954Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Personal Dictionary",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.3.4",
"status": "affected",
"version": "1.3.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "cydave"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 SQL Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-09T16:50:43.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Personal Dictionary \u003c 1.3.4 - Unauthenticated SQLi",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-1013",
"STATE": "PUBLIC",
"TITLE": "Personal Dictionary \u003c 1.3.4 - Unauthenticated SQLi"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Personal Dictionary",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.3.4",
"version_value": "1.3.4"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "cydave"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-1013",
"datePublished": "2022-05-09T16:50:43.000Z",
"dateReserved": "2022-03-17T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:42.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}