CVE-2022-4372

EUVD-2022-51722
The Web Invoice WordPress plugin through 2.1.3 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL Injection exploitable by high privilege users such as admin by default. However, depending on the plugin configuration, other users, such as subscriber could exploit this as well
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
web_invoice_projectweb_invoice
𝑥
≤ 2.1.3
𝑥
= Vulnerable software versions
References
https://bulletin.iese.de/post/web-invoice_2-1-3_2
https://wpscan.com/vulnerability/218f8015-e14b-46a8-889d-08b2b822f8ae
https://bulletin.iese.de/post/web-invoice_2-1-3_2
https://wpscan.com/vulnerability/218f8015-e14b-46a8-889d-08b2b822f8ae