CVE-2022-0781
Published: 23 May 2022
Summary
CVE-2022-0781 is a critical-severity SQL Injection (CWE-89) vulnerability in Nirweb Nirweb Support. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 0.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
The Nirweb Support WordPress plugin before version 2.8.2 contains an SQL injection vulnerability (CWE-89) tracked as CVE-2022-0781. The flaw stems from missing sanitization and escaping of a parameter supplied to an SQL statement inside an AJAX action handler. The issue received a CVSS 3.1 score of 9.8, reflecting network-accessible exploitation with no required authentication or user interaction.
An unauthenticated remote attacker can invoke the affected AJAX endpoint and supply a crafted parameter that alters the generated SQL query. Successful exploitation can yield full read/write access to the WordPress database, potentially allowing extraction of sensitive data, modification of content, or further compromise of the site.
The vulnerability is resolved in Nirweb Support 2.8.2 and later. Public references, including the WPScan advisory, recommend immediate upgrade of the plugin to the fixed release. The associated EPSS score has remained elevated, with a current value of 0.8292 and a recorded peak of 0.8592.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-15833
Vulnerability details
The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action (available to unauthenticated users), leading to an SQL injection
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.