cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-1685,https://securityvulnerability.io/vulnerability/CVE-2022-1685,Five Minute Webshop <= 1.3.2 - Admin+ SQLi via orderby,"The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection",Wordpress,Five Minute Webshop,4.9,MEDIUM,0.000590000010561198,false,,false,false,false,,false,false,2022-06-08T10:15:00.000Z,0
CVE-2022-1686,https://securityvulnerability.io/vulnerability/CVE-2022-1686,Five Minute Webshop <= 1.3.2 - Admin+ SQLi via id,"The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id parameter before using it in a SQL statement when editing a product via the admin dashboard, leading to an SQL Injection",Wordpress,Five Minute Webshop,2.7,LOW,0.000539999979082495,false,,false,false,false,,false,false,2022-06-08T10:15:00.000Z,0