cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-3865,https://securityvulnerability.io/vulnerability/CVE-2022-3865,WP User Merger < 1.5.3 - Admin+ SQLi via ID,"The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin",Wordpress,WP User Merger,8.8,HIGH,0.0015699999639764428,false,,false,false,false,,false,false,2022-11-28T13:50:09.396Z,0
CVE-2022-3848,https://securityvulnerability.io/vulnerability/CVE-2022-3848,WP User Merger < 1.5.3 - Admin+ SQLi via wpsu_user_id,"The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin",Wordpress,WP User Merger,8.8,HIGH,0.0015699999639764428,false,,false,false,false,,false,false,2022-11-28T13:47:19.946Z,0
CVE-2022-3849,https://securityvulnerability.io/vulnerability/CVE-2022-3849,WP User Merger < 1.5.3 - Admin+ SQLi via user_id,"The WP User Merger WordPress plugin before 1.5.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as admin",Wordpress,WP User Merger,8.8,HIGH,0.0015699999639764428,false,,false,false,false,,false,false,2022-11-28T13:47:16.821Z,0