High
CVSS 7.2
Overview
The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL statements, which could lead to SQL Injection exploitable by high privilege users
CVE-2022-3720
The Event Monster WordPress plugin before 1.2.0 does not validate and escape som...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.2 (HIGH)
- Detected tags: none (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.