cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2019-14230,https://securityvulnerability.io/vulnerability/CVE-2019-14230,,An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the set_count ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged user to perform a SQL injection attack capable of remote code execution and information disclosure.,Wordpress,Onionbuzz,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,false,false,2019-07-21T23:15:00.000Z,0
CVE-2019-14231,https://securityvulnerability.io/vulnerability/CVE-2019-14231,,An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the ob_get_results ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an unauthenticated/unprivileged user to perform a SQL injection attack capable of remote code execution and information disclosure.,Wordpress,Onionbuzz,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,false,false,2019-07-21T23:15:00.000Z,0