cbcvebase.
CVE-2022-0592
published 2022-05-09

CVE-2022-0592: The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL…

PriorityP182critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
9.65%
94.9th percentile
The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users.

Affected

1 ranges
VendorProductVersion rangeFixed in
mapsvgmapsvg< 6.2.206.2.20

Detection & IOCsextracted from sources · hover to see the quote

sigma
MapSVG = 6'
- 'contains(body, "map")'
- 'contains(content_type, "application/json")'
- 'status_code == 200'
condition: and
# digest: 4b0a00483046022100dffd28796dd32f31891c07fca079c21152474fad248918689846fe471a7b6fed022100b3e97b8d37e3f5b2d445020e44906ac1a50c4f40b49ffd7b0d4c89a48b5e8b59:922c64590222798bb761d5b6d8e72950
  • The vulnerability is a SQL Injection exploitable by unauthenticated users via a REST endpoint parameter in the MapSVG WordPress plugin before 6.2.20. Monitor REST API requests to MapSVG endpoints for unsanitized SQL metacharacters (e.g., single quotes, UNION, SELECT keywords) in parameters.
  • ·The MapSVG plugin version threshold for this vulnerability is strictly before 6.2.20; version 6.2.20 and later are patched.
  • ·The SQL injection is unauthenticated, meaning no credentials are required to exploit the REST endpoint — detection rules should not filter out unauthenticated requests.

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.