Enhancement: cves/2022/CVE-2022-45805.yaml by md

2023-03-14 10:58:40 -04:00 · 2023-03-14 10:58:40 -04:00 · 5a6f7d3371
parent bfde72dfab
commit 5a6f7d3371
1 changed files with 5 additions and 3 deletions
--- a/cves/2022/CVE-2022-45805.yaml
+++ b/cves/2022/CVE-2022-45805.yaml
@ -1,12 +1,12 @@
 id: CVE-2022-45805

 info:
-  name: WordPress Paytm Payment Gateway Plugin <= 2.7.3 - SQL Injection
+  name: WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection
  author: theamanrawat
  severity: high
  description: |
-    SQL Injection vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 2.7.7.
-  remediation: Update to version 2.7.7, or a newer patched version.
+    WordPress Paytm Payment Gateway plugin through 2.7.3 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
+  remediation: Update to version 2.7.7 or a newer patched version.
  reference:
    - https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-3-auth-sql-injection-sqli-vulnerability
    - https://wordpress.org/plugins/paytm-payments/
@ -42,3 +42,5 @@ requests:
          - 'status_code_2 == 200'
          - 'contains(body_2, "toplevel_page_paytm")'
        condition: and
+
+# Enhanced by md on 2023/03/14