CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-47445 – WordPress Be POPIA Compliant Plugin <= 1.2.0 is vulnerable to SQL Injection
https://notcve.org/view.php?id=CVE-2022-47445
15 Mar 2023 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Web-X Be POPIA Compliant be-popia-compliant allows SQL Injection.This issue affects Be POPIA Compliant: from n/a through 1.2.0. Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en Web-X Be POPIA Compliant be-popia-compliant permite la inyección SQL. Este problema afecta Be POPIA Compliant: desde n/a hasta 1.2.0. The Be POPIA Compliant plugin... • https://patchstack.com/database/vulnerability/be-popia-compliant/wordpress-be-popia-compliant-plugin-1-2-0-sql-injection?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1186 – Be POPIA Compliant <= 1.1.5 - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2022-1186
30 Mar 2022 — The WordPress plugin Be POPIA Compliant exposed sensitive information to unauthenticated users consisting of site visitors emails and usernames via an API route, in versions up to an including 1.1.5. El plugin Be POPIA Compliant de WordPress expuso información confidencial a usuarios no autenticados consistente en correos electrónicos y nombres de usuario de los visitantes del sitio por medio de una ruta API, en versiones hasta 1.1.5 incluyéndola • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2701343%40be-popia-compliant&new=2701343%40be-popia-compliant&sfp_email=&sfph_mail= • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •