Unrated severityNVD Advisory· Published Mar 28, 2022· Updated Aug 2, 2024

SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQLi

CVE-2022-0846

Description

The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dk_speakout_sendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/SpeakOut! Email Petitionsdescription
RopeSwingHld/SpeakOut! Email Petitionsllm-fuzzy
Range: <2.14.15.1

Patches

Vulnerability mechanics

References

wpscan.com/vulnerability/b030296d-688e-44a4-a48a-140375f2c5f4mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000