CVE-2022-46849

Summary

A critical SQL Injection vulnerability, identified as CVE-2022-46849, has been discovered in the Weblizar Coming Soon Page plugin. This flaw allows attackers to execute arbitrary SQL commands on the affected system.

IFF Assessment

FOE

This vulnerability allows for unauthorized data access and manipulation, posing a direct threat to system integrity and data confidentiality.

Severity

9.8 Critical

Defender Context

This SQL injection vulnerability in a popular WordPress plugin presents a high-risk attack vector for websites using older versions of the plugin. Defenders should prioritize updating the Weblizar Coming Soon Page plugin to the latest version and deploy a web application firewall (WAF) to detect and block SQL injection attempts.
