CVE-2022-2754
Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Blind SQLi
Vexday Risk Score
15Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 37.7%KEV nãoPoC —Patch —
Lifecycle
19 Sep 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks
Affected products
Unknown · Ketchup Restaurant ReservationsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →