CVE-2022-46808: WordPress ARMember Plugin <= 3.4.11 is vulnerable to SQL Injection
First published: Fri Nov 03 2023(Updated: )
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Repute Infosystems ARMember armember-membership allows SQL Injection.This issue affects ARMember: from n/a through 3.4.11.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Reputeinfosystems Armember | <4.0 |
Remedy
Update to 4.0 or a higher version.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-46808.
What is the severity level of CVE-2022-46808?
The severity level of CVE-2022-46808 is critical with a score of 9.8.
What is the affected software for CVE-2022-46808?
The affected software for CVE-2022-46808 is the ARMember plugin version up to 3.4.11.
What is the CWE ID associated with CVE-2022-46808?
The CWE ID associated with CVE-2022-46808 is CWE-89.
How can I fix the SQL Injection vulnerability in ARMember Plugin?
To fix the SQL Injection vulnerability in ARMember Plugin, update to version 4.0 or higher.
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/title
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/remedy
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/reputeinfosystems
- canonical/reputeinfosystems armember