Vulnerabilities > CVE-2022-29410 - Unspecified vulnerability in Hermit Project Hermit 3.1.6

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
hermit-project

Summary

Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit ????? plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute SQLi attack via (&ids).

Vulnerable Configurations

Part Description Count
Application
Hermit_Project
2