CVE-2022-1057

CVE-2022-1057: Pricing Deals for WooCommerce <= 2.0.2.02 - Unauthenticated SQLi

Vendor Unknown
Product Pricing Deals for WooCommerce
Weakness CWE-89 · SQLi
Published July 11, 2022
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection

Key dates

02Disclosure timeline

July 11, 2022 CVE published
August 2, 2024 Record updated