Vulnerabilities > CVE-2022-2269 - Unspecified vulnerability in Wpwhitesecurity Website File Changes Monitor

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wpwhitesecurity

critical

NVD

Published: 2022-08-08

Updated: 2024-11-21

Summary

The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection

Vulnerable Configurations

Part	Description	Count
Application	Wpwhitesecurity Wpwhitesecurity Website File Changes Monitor *	1

References

https://wpscan.com/vulnerability/bb348c92-d7e3-4a75-98aa-dd1c463bfd65
https://wpscan.com/vulnerability/bb348c92-d7e3-4a75-98aa-dd1c463bfd65