CVE-2022-3481
Published 2022-11-07. CVE-2022-3481: The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST…
Priority: P180 · critical · 9.8 (CVSS 3.1)
CVSS vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
Flags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 3.69% (88.3rd percentile)
The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users, leading to a SQL injection.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opmc | woocommerce_dropshipping | < 4.4 | 4.4 |
Detection & IOCs (extracted from sources)
- The SQL injection is reachable via a REST endpoint accessible to unauthenticated users; monitor for anomalous REST API requests (e.g. unexpected SQL metacharacters or payloads) targeting WooCommerce Dropshipping plugin endpoints.
- Affected versions are WooCommerce Dropshipping plugin < 4.4; flag installations running versions up to and including 4.3 as vulnerable.
- The nuclei detection rule digest is embedded in the template itself and can be used to verify template integrity, but the source URL for the rule template was not provided in the supplied documentation.
CVSS provenance
- NVD (v3.1): 9.8 CRITICAL, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- VulnCheck: 9.8 CRITICAL
GHSA
GHSA-m4wm-6gf3-2xqw · ghsa_unreviewed · 2022-11-07 · CVE-2022-3481 [CRITICAL] · CWE-89
VulnCheck
opmc woocommerce_dropshipping: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') · vulncheck · 2022 · CVSS 9.8 · CVE-2022-3481 [CRITICAL]
Affected: opmc woocommerce_dropshipping
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2025-07-21&host_type=src&vulnerability=cve-2022-3481; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2025-09-25&host_type=src&
No detection rules found.
Nuclei
NotificationX Dropshipping < 4.4 - SQL Injection · nuclei · CVSS 9.8 · CVE-2022-3481 [CRITICAL]
Only the tail of the template's matcher block survived extraction; the earlier part of the template is cut off in the source:
```yaml
=7'
          - 'status_code == 200'
          - 'contains(content_type, "application/json")'
          - 'contains_all(body, "code\":", "message\":\"Product", "status\":400")'
        condition: and
# digest: 4b0a00483046022100dabe64b19e96630b2c8116c138c2f2f9029454d89962933a1a89c85845f64f94022100be06b5bf6eda5b034e274334c1683472d921737d1bfd884d64a0cd4dc288fde5:922c64590222798bb761d5b6d8e72950
```
No writeups or analysis indexed.
Published: 2022-11-07
Exploited in the wild