CVE-2022-0814

Summary

The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections

Affected Software

VendorProductVersion RangeStatus
UnknownUbigeo de Perú para Woocommerce y WordPress3.6.4 < 3.6.4affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References