{"vulnerability": "cve-2022-3481", "sightings": [{"uuid": "ce6f0503-822b-4b98-b26a-026b4191571e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3481", "type": "seen", "source": "https://t.me/cibsecurity/52587", "content": "\u203c CVE-2022-3481 \u203c\n\nThe WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-07T16:11:33.000000Z"}, {"uuid": "44a94f94-0e86-4955-affd-820bd397e46e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3481", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14383", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3481\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection\n\ud83d\udccf Published: 2022-11-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:59:21.555Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/c5e395f8-257e-49eb-afbd-9c1e26045373", "creation_timestamp": "2025-05-01T20:15:41.000000Z"}, {"uuid": "3dc98627-5b44-4eaa-ae15-47e24fa1d4ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34810", "type": "seen", "source": "https://t.me/cibsecurity/45450", "content": "\u203c CVE-2022-34810 \u203c\n\nA missing check in Jenkins RQM Plugin 2.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-30T22:43:57.000000Z"}, {"uuid": "fba2bb1c-7dcb-47c3-9d9f-c44105e802d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3481", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw54zwm622", "content": "", "creation_timestamp": "2025-07-23T21:02:22.372261Z"}, {"uuid": "27243c5b-7cd4-40ff-9255-aa6075d87402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3481", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-3481.yaml", "content": "", "creation_timestamp": "2025-09-25T07:35:40.000000Z"}, {"uuid": "76727d2a-42e2-49ea-85ea-4b7052a47230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3481", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-12)", "content": "", "creation_timestamp": "2026-02-12T00:00:00.000000Z"}, {"uuid": "7e77d28b-ace6-4d9e-9105-ef27071c967e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34811", "type": "seen", "source": "https://t.me/cibsecurity/45457", "content": "\u203c CVE-2022-34811 \u203c\n\nA missing permission check in Jenkins XPath Configuration Viewer Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to access the XPath Configuration Viewer page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-30T22:44:06.000000Z"}]}