CVE-2022-0781

CVE-2022-0781: Nirweb support < 2.8.2 - Unauthenticated SQLi

Vendor Unknown

Product Nirweb support

Weakness CWE-89 · SQLi

Published May 23, 2022

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action (available to unauthenticated users), leading to an SQL injection

Key dates

02Disclosure timeline

May 23, 2022 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-0781

Related vulnerabilities

04Related CVE

CVE-2024-10699 code-projects Wazifa System logincontrol.php sql injection CVE-2025-47671 WordPress Binary MLM Plan plugin <= 3.0 - SQL Injection vulnerability CVE-2026-1800 Fonts Manager | Custom Fonts <= 1.2 - Unauthenticated SQL Injection via fmcfIdSelectedFnt parameter CVE-2025-32854 CVE-2025-32127 WordPress onOffice for WP-Websites plugin <= 5.7 - SQL Injection vulnerability