Enhancement: cves/2022/CVE-2022-45805.yaml by md
parent
bfde72dfab
commit
5a6f7d3371
|
@ -1,12 +1,12 @@
|
|||
id: CVE-2022-45805
|
||||
|
||||
info:
|
||||
name: WordPress Paytm Payment Gateway Plugin <= 2.7.3 - SQL Injection
|
||||
name: WordPress Paytm Payment Gateway <=2.7.3 - SQL Injection
|
||||
author: theamanrawat
|
||||
severity: high
|
||||
description: |
|
||||
SQL Injection vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 2.7.7.
|
||||
remediation: Update to version 2.7.7, or a newer patched version.
|
||||
WordPress Paytm Payment Gateway plugin through 2.7.3 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
|
||||
remediation: Update to version 2.7.7 or a newer patched version.
|
||||
reference:
|
||||
- https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-3-auth-sql-injection-sqli-vulnerability
|
||||
- https://wordpress.org/plugins/paytm-payments/
|
||||
|
@ -42,3 +42,5 @@ requests:
|
|||
- 'status_code_2 == 200'
|
||||
- 'contains(body_2, "toplevel_page_paytm")'
|
||||
condition: and
|
||||
|
||||
# Enhanced by md on 2023/03/14
|
||||
|
|
Loading…
Reference in New Issue