CVE-2022-1013
published 2022-05-09

Priority: P268 · Severity: critical · CVSS 3.1 base score: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit: public exploit available
EPSS: 6.63% (93.0th percentile)
The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability.

Affected

6 ranges

Vendor     Product              Version range             Fixed in
ays-pro    personal_dictionary  < 1.3.4                   1.3.4
linux      linux_kernel         >= 3.11.0, < 5.4.220      5.4.220
linux      linux_kernel         >= 5.11.0, < 5.15.75      5.15.75
linux      linux_kernel         >= 5.16.0, < 5.19.17      5.19.17
linux      linux_kernel         >= 5.20.0, < 6.0.3        6.0.3
linux      linux_kernel         >= 5.5.0, < 5.10.150      5.10.150

Only the ays-pro/personal_dictionary row matches this CVE, which is a flaw in a WordPress plugin; the linux_kernel rows do not belong to this record and should be disregarded when building asset-matching rules.

Detection & IOCs (extracted from sources)

version: Personal Dictionary WordPress plugin < 1.3.4

sigma (rule body as published; note that the selection uses nuclei-style matcher expressions rather than Sigma field/value pairs, so it needs translating before it will load in a Sigma backend):
title: WordPress Personal Dictionary SQLi
detection:
  selection:
    - 'status_code == 200'
    - 'contains(content_type, "text/html")'
    - 'contains(body, "\"status\":true,")'
  condition: and

  • The exploit targets a blind SQL injection via unsanitized POST data interpolated into SQL statements. Monitor POST requests to the Personal Dictionary plugin endpoint for blind SQLi payloads (time-based patterns such as SLEEP()/BENCHMARK(), or boolean-based patterns such as quote-breakout followed by AND/OR tautologies).
  • Successful exploitation returns HTTP 200 with Content-Type text/html and a JSON body containing '"status":true,'. Use this response fingerprint to confirm blind SQLi probes against the plugin, but not on its own: a legitimate successful save produces the same response, so the fingerprint should only raise an alert when paired with an injected request body.
  • The Sigma/nuclei rule digest is embedded in the template and can be used to verify template integrity; tampering with the rule would invalidate the digest.
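The two detection bullets above describe a request-side signal (blind SQLi payloads in POST parameters) and a response-side signal (the 200 / text/html / '"status":true,' fingerprint). The following is an added example, not code from the page, the plugin, or the rule template, showing how a practitioner would combine both over a JSON-lines proxy or WAF log. The log format, the sample log lines, and the PLUGIN_MARKER substring used to pick out requests to the plugin are all assumptions constructed for the example; the plugin's real endpoint path is not given on the page.

```python
import json
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qs

# Assumed substring identifying requests to the plugin's endpoint (hypothetical;
# the page does not name the actual path).
PLUGIN_MARKER = "personal-dictionary"

# Time-based blind SQLi markers. MySQL/MariaDB functions are listed first since
# that is what WordPress runs on; pg_sleep/WAITFOR are included for generic tooling.
TIME_BASED = re.compile(
    r"\b(?:sleep|benchmark|pg_sleep)\s*\(|waitfor\s+delay", re.IGNORECASE)

# Boolean-based markers: a quote or paren breakout followed by AND/OR and a
# numeric tautology, a string tautology, or a subquery.
BOOLEAN_BASED = re.compile(
    r"['\")]\s*(?:and|or)\s+(?:\d+\s*=\s*\d+|'[^']*'\s*=\s*'|\(?\s*select\b)",
    re.IGNORECASE)


def classify_payload(value: str) -> Optional[str]:
    """Return 'time-based', 'boolean-based' or None for one decoded POST value."""
    if TIME_BASED.search(value):
        return "time-based"
    if BOOLEAN_BASED.search(value):
        return "boolean-based"
    return None


def suspicious_params(body: str) -> Dict[str, str]:
    """Decode a form-encoded POST body and map each injected parameter to its technique."""
    hits: Dict[str, str] = {}
    for name, values in parse_qs(body, keep_blank_values=True).items():
        for value in values:
            kind = classify_payload(value)
            if kind:
                hits[name] = kind
    return hits


def success_fingerprint(status: int, content_type: str, response_body: str) -> bool:
    """The response fingerprint from the page's rule: 200 + text/html + '"status":true,'."""
    return (status == 200
            and "text/html" in content_type
            and '"status":true,' in response_body)


def scan(log_lines: List[str]) -> List[dict]:
    """Alert on POSTs to the plugin carrying a blind SQLi payload; mark whether the
    response matched the success fingerprint ('confirmed')."""
    alerts = []
    for line in log_lines:
        rec = json.loads(line)
        if rec.get("method") != "POST" or PLUGIN_MARKER not in rec.get("uri", ""):
            continue
        hits = suspicious_params(rec.get("body", ""))
        if not hits:
            continue  # fingerprint alone is not an alert: normal saves look identical
        alerts.append({
            "src": rec.get("src_ip"),
            "uri": rec["uri"],
            "params": hits,
            "confirmed": success_fingerprint(
                rec.get("status", 0), rec.get("content_type", ""), rec.get("response_body", "")),
        })
    return alerts


# Constructed sample log lines (not real traffic). Fields are assumed.
SAMPLE_LOGS = [
    # Legitimate save: success fingerprint present, but no payload -> no alert.
    json.dumps({"src_ip": "10.0.0.5", "method": "POST",
                "uri": "/wp-content/plugins/personal-dictionary/save.php",
                "body": "word=apple&definition=salt+and+pepper", "status": 200,
                "content_type": "text/html; charset=UTF-8",
                "response_body": '{"status":true,"id":12}'}),
    # Time-based probe that succeeded.
    json.dumps({"src_ip": "203.0.113.9", "method": "POST",
                "uri": "/wp-content/plugins/personal-dictionary/save.php",
                "body": "word=x%27+AND+SLEEP%285%29--+-&definition=t", "status": 200,
                "content_type": "text/html; charset=UTF-8",
                "response_body": '{"status":true,"id":13}'}),
    # Boolean-based probe that hit an error path.
    json.dumps({"src_ip": "203.0.113.9", "method": "POST",
                "uri": "/wp-content/plugins/personal-dictionary/save.php",
                "body": "word=x%27+OR+%271%27%3D%271&definition=t", "status": 500,
                "content_type": "text/html; charset=UTF-8", "response_body": "error"}),
    # GET to the plugin and a POST elsewhere: both ignored.
    json.dumps({"src_ip": "10.0.0.6", "method": "GET",
                "uri": "/wp-content/plugins/personal-dictionary/list.php", "status": 200}),
    json.dumps({"src_ip": "10.0.0.7", "method": "POST", "uri": "/wp-login.php",
                "body": "log=a%27+AND+SLEEP%281%29--&pwd=b", "status": 200}),
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOGS):
        print(json.dumps(alert))
```

The rule's fingerprint fires on every legitimate successful save, which is why scan() only emits an alert when the request body carries a payload and uses the fingerprint to grade it as confirmed or not. Time-based probes are also visible as request latency; if the log carries a response-time field, a value close to the SLEEP() argument is a stronger confirmation than the body fingerprint, since the fingerprint appears regardless of whether the injected condition was true.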

CVSS provenance

NVD, CVSS v3.1: 9.8 CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v2.0: 7.5 HIGH      AV:N/AC:L/Au:N/C:P/I:P/A:P