Vulnerabilities > Pluginbazaar

DATE CVE VULNERABILITY TITLE RISK
2022-05-09 CVE-2022-0948 SQL Injection vulnerability in Pluginbazaar Order Listener for Woocommerce
The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection
network
low complexity
pluginbazaar CWE-89
7.5
7.5