CVE-2022-1950
published 2022-08-01CVE-2022-1950: The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to…
PriorityP181critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
4.11%
89.5th percentile
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | tika | >= 0 < 1.22-1ubuntu0.1~esm1 | 1.22-1ubuntu0.1~esm1 |
| apache | tika | >= 0 < 1.22-2ubuntu0.22.04.1~esm1 | 1.22-2ubuntu0.22.04.1~esm1 |
| kainelabs | youzify | < 1.2.0 | 1.2.0 |
| linux | linux_kernel | >= 6.1.0 < 6.1.28 | 6.1.28 |
| linux | linux_kernel | >= 6.2.0 < 6.2.15 | 6.2.15 |
| linux | linux_kernel | >= 6.3.0 < 6.3.2 | 6.3.2 |
Detection & IOCsextracted from sources · hover to see the quote
sigma
contains(body, "youzify-media") AND status_code == 200
- →The SQL injection is triggered via an AJAX action available to unauthenticated users — monitor WordPress AJAX endpoints (wp-admin/admin-ajax.php) for requests containing SQL metacharacters (e.g., a single-quote payload) targeting Youzify parameters. ↗
- →Presence of the string 'youzify-media' in HTTP response body combined with HTTP 200 status is a fingerprint condition used to confirm a vulnerable/exploited Youzify installation.
- →A single-quote appended to the Youzify version parameter (e.g., 'Youzify = 6\'') is indicative of a SQL injection probe against this plugin.
- ·The vulnerability affects Youzify WordPress plugin versions before 1.2.0 only; patched at 1.2.0. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv5.5MEDIUM
vulncheck9.8CRITICAL
vendor_redhat4.4LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
osv·2025-12-24
CVE-2023-54073 tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
In the Linux kernel, the following vulnerability has been resolved:
tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
The following crash was reported:
[ 1950.279393] list_del corruption, ffff99560d485790->next is NULL
[ 1950.279400] ------------[ cut here ]------------
[ 1950.279401] kernel BUG at lib/list_debug.c:49!
[ 1950.279405] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
[ 1950.279407] CPU: 11 PID: 5886 Comm: modprobe Tainted: G O 6.2.8_1 #1
[ 1950.279409] Hardware name: Gigabyte Technology Co., Ltd. B550M AORUS PRO-P/B550M AORUS PRO-P,
BIOS F15c 05/11/2022
[ 1950.279410] RIP: 0010:__list_del_entry_valid+0x59/0xc0
[ 1950.279415] Code: 48 8b 01 48 39 f8 75 5a 48 8b 72 08 48 39 c6 75 65
OSV
tika vulnerabilities
osv·2025-05-23·CVSS 5.5
CVE-2020-1950 tika vulnerabilities
tika vulnerabilities
It was discovered that Apache Tika can have an excessive memory usage by
using a crafted or corrupt PSD file. An attacker could possibly use this
issue to cause a denial of service. This issue only affected Ubuntu
20.04 LTS. (CVE-2020-1950, CVE-2020-1951)
It was discovered that Apache Tika incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause a denial
of service. (CVE-2022-30126, CVE-2022-30973, CVE-2022-33879)
GHSA
GHSA-2prm-6mv4-wfqg: The Youzify WordPress plugin before 1
ghsa_unreviewed·2022-08-02
CVE-2022-1950 [CRITICAL] CWE-89 GHSA-2prm-6mv4-wfqg: The Youzify WordPress plugin before 1
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection
VulnCheck
kainelabs youzify Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
vulncheck·2022·CVSS 9.8
CVE-2022-1950 [CRITICAL] kainelabs youzify Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
kainelabs youzify Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The Youzify WordPress plugin before 1.2.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection
Affected: kainelabs youzify
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2023-12-23&host_type=src&vulnerability=cve-2022-1950; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-02-01&host_type=src&vulnerability=cve-2022-1950; htt
Red Hat
kernel: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
vendor_redhat·2025-12-24·CVSS 4.4
CVE-2023-54073 [LOW] CWE-414 kernel: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
kernel: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
In the Linux kernel, the following vulnerability has been resolved:
tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
The following crash was reported:
[ 1950.279393] list_del corruption, ffff99560d485790->next is NULL
[ 1950.279400] ------------[ cut here ]------------
[ 1950.279401] kernel BUG at lib/list_debug.c:49!
[ 1950.279405] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI
[ 1950.279407] CPU: 11 PID: 5886 Comm: modprobe Tainted: G O 6.2.8_1 #1
[ 1950.279409] Hardware name: Gigabyte Technology Co., Ltd. B550M AORUS PRO-P/B550M AORUS PRO-P,
BIOS F15c 05/11/2022
[ 1950.279410] RIP: 0010:__list_del_entry_valid+0x59/0xc0
[ 1950.279415] Code: 48 8b 01 48 39 f8 75 5a 48 8b 72 08 48 39 c6 7
No detection rules found.
Nuclei
Youzify < 1.2.0 - Unauthenticated SQLi
nuclei·CVSS 9.8
CVE-2022-1950 [CRITICAL] Youzify < 1.2.0 - Unauthenticated SQLi
Youzify = 6'
- 'contains(body, "youzify-media")'
- 'status_code == 200'
condition: and
# digest: 4a0a00473045022006ca525e251a362de9c0f8e4f5bd469f27742d7de9601d767e29fea1bccdfcc6022100cea9c0e7af8183effcc960c9365b7f075e9751e762077c303831df18fbd4eb02:922c64590222798bb761d5b6d8e72950
2022-08-01
Published
Exploited in the wild