CVE-2022-1691

CVE-2022-1691: Realty Workstation < 1.0.15 - Agent SQLi

Vendor Unknown

Product Realty Workstation

Weakness CWE-89 · SQLi

Published June 6, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Realty Workstation WordPress plugin before 1.0.15 does not sanitise and escape the trans_edit parameter before using it in a SQL statement when an agent edit a transaction, leading to an SQL injection

Key dates

02Disclosure timeline

June 6, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-1691

Related vulnerabilities

04Related CVE

CVE-2024-50479 WordPress Woocommerce Quote Calculator plugin <= 1.1 - SQL Injection vulnerability CVE-2025-6307 code-projects Online Shoe Store edit_customer.php sql injection CVE-2019-19094 ABB eSOMS: SQL injection vulnerability CVE-2020-12507 s::can moni::tools autheticated SQL injection CVE-2025-54379 eKuiper API endpoints handling SQL queries with user-controlled table names.