CVE-2022-3481
published 2022-11-07

Priority: P1 (80) · Severity: critical · CVSS 3.1 base score: 9.8
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Flags: exploited in the wild (ITW) · public exploit · VulnCheck KEV
EPSS: 3.69% (88.3rd percentile)
The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection

Affected

1 range

Vendor | Product                  | Version range | Fixed in
opmc   | woocommerce_dropshipping | < 4.4         | 4.4

Detection & IOCs (extracted from sources)

Nuclei template digest (bytes):
4b0a00483046022100dabe64b19e96630b2c8116c138c2f2f9029454d89962933a1a89c85845f64f94022100be06b5bf6eda5b034e274334c1683472d921737d1bfd884d64a0cd4dc288fde5:922c64590222798bb761d5b6d8e72950
  • The SQL injection is reachable via a REST endpoint accessible to unauthenticated users — monitor for anomalous REST API requests (e.g. unexpected SQL metacharacters or payloads) targeting WooCommerce Dropshipping plugin endpoints.
  • Affected versions are WooCommerce Dropshipping plugin < 4.4; flag installations running versions up to and including 4.3 as vulnerable.
  • The digest above is embedded in the Nuclei/detection rule template itself and can be used to verify the template's integrity; the source URL for that template is not provided in the cited sources.
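The two detection bullets above can be turned into a simple triage script. The following is an added example, not code from the advisory, from the plugin, or from any published detection rule: it scans web-server access-log lines for requests to WordPress REST routes belonging to the plugin, URL-decodes the path and query (including double encoding), and flags SQL metacharacters and keywords; it also implements the "< 4.4 is vulnerable" version check. The advisory does not name the vulnerable route, so the assumption that the route slug contains "dropship" is hypothetical, as are the log lines, which are constructed for this example.

```python
"""Added example (not from the advisory or the plugin): heuristic detection of
SQL-injection attempts against a WordPress plugin's REST endpoints, plus the
affected-version check for CVE-2022-3481 (WooCommerce Dropshipping < 4.4)."""
import re
from urllib.parse import unquote, unquote_plus

# Combined/common log format: client, ident, user, [timestamp], "METHOD path PROTO", status, bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) '
)

# SQL metacharacters and keywords that rarely appear in legitimate REST parameters.
# A lone quote is the weakest signal (names like O'Brien), so only requests to the
# plugin's own routes are scanned, which keeps the noise down.
SQLI_PATTERNS = [
    r"['\"]",                                   # string delimiters
    r"--|/\*|;",                                # comment / statement terminators
    r"\bunion\s+(?:all\s+)?select\b",           # union-based extraction
    r"\b(?:sleep|benchmark)\s*\(",              # time-based blind
    r"\b(?:or|and)\s+\d+\s*=\s*\d+",            # boolean tautologies
    r"\binformation_schema\b",
    r"\b(?:extractvalue|updatexml)\s*\(",       # error-based (MySQL)
]
SQLI_RE = re.compile("|".join(SQLI_PATTERNS), re.IGNORECASE)


def is_plugin_rest_request(path):
    """Assumption (hypothetical): the vulnerable REST route lives under /wp-json/
    and its slug contains 'dropship'. The advisory does not name the route."""
    return path.startswith("/wp-json/") and "dropship" in path.lower()


def decode_request(path):
    """URL-decode path and query, repeating to collapse double encoding (%2527 -> ')."""
    raw_path, _, query = path.partition("?")
    decoded = unquote(raw_path) + " " + unquote_plus(query)
    for _ in range(2):
        again = unquote_plus(decoded)
        if again == decoded:
            break
        decoded = again
    return decoded


def scan_log(text):
    """Return one finding per suspicious request: client, method, raw path, indicators."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_plugin_rest_request(m["path"]):
            continue
        hits = [h.group(0) for h in SQLI_RE.finditer(decode_request(m["path"]))]
        if hits:
            findings.append({"ip": m["ip"], "method": m["method"],
                             "path": m["path"], "indicators": hits})
    return findings


def is_vulnerable_version(version):
    """True for WooCommerce Dropshipping versions below the 4.4 fix (4.3.x and earlier)."""
    parts = tuple(int(p) for p in re.findall(r"\d+", version)[:3])
    if not parts:
        raise ValueError(f"unparseable version string: {version!r}")
    return parts < (4, 4)


# Constructed sample log lines (not real traffic); the /wp-json/dropship/ route is hypothetical.
SAMPLE_LOG = """\
203.0.113.5 - - [07/Nov/2022:10:00:01 +0000] "GET /wp-json/wc/v3/products?per_page=10 HTTP/1.1" 200 5120
203.0.113.5 - - [07/Nov/2022:10:00:02 +0000] "GET /wp-json/dropship/v1/lookup?id=1%27%20UNION%20SELECT%20user_login%2Cuser_pass%20FROM%20wp_users--%20- HTTP/1.1" 200 812
198.51.100.7 - - [07/Nov/2022:10:00:03 +0000] "GET /wp-json/dropship/v1/lookup?id=7 HTTP/1.1" 200 410
198.51.100.7 - - [07/Nov/2022:10:00:04 +0000] "POST /wp-json/dropship/v1/lookup?id=7%29%20AND%20SLEEP%285%29--%20 HTTP/1.1" 200 410
192.0.2.9 - - [07/Nov/2022:10:00:05 +0000] "GET /wp-json/wp/v2/posts?search=O%27Brien HTTP/1.1" 200 2048
"""

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ip']} {f['method']} {f['path']} -> {f['indicators']}")
    for v in ("4.3.9", "4.4", "4.4.1"):
        print(v, "vulnerable" if is_vulnerable_version(v) else "fixed")
```

Only the two injection attempts against the hypothetical plugin route are reported; the `O%27Brien` search against the core posts endpoint is ignored because it is outside the plugin's routes, which is the scoping the first bullet asks for. Because the endpoint is unauthenticated, there is no user field to pivot on, so the client address and the decoded payload are the useful fields for follow-up.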

CVSS provenance

NVD (CVSS v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VulnCheck: 9.8 CRITICAL