CVE-2022-45373

Source
https://cve.org/CVERecord?id=CVE-2022-45373
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-45373.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-45373
Published
2023-11-06T07:50:54.905Z
Modified
2026-07-08T06:01:48.189689411Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L CVSS Calculator
Summary
WordPress Slimstat Analytics Plugin <= 5.0.4 is vulnerable to SQL Injection
Details

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics allows SQL Injection.This issue affects Slimstat Analytics: from n/a through 5.0.4.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "last_affected": "5.0.4"
                }
            ]
        },
        {
            "source": "DESCRIPTION",
            "extracted_events": [
                {
                    "fixed": "5.0.4"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/45xxx/CVE-2022-45373.json",
    "cna_assigner": "Patchstack",
    "cwe_ids": [
        "CWE-89"
    ]
}
References

Affected packages

Git / github.com/wp-slimstat/wp-slimstat

Affected ranges

Type
GIT
Repo
https://github.com/wp-slimstat/wp-slimstat
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:wp-slimstat:slimstat_analytics:*:*:*:*:*:wordpress:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.0.5"
        }
    ]
}

Affected versions

4.*
4.8.1
4.8.2
4.8.3
4.9
4.9.0.1
v4.*
v4.9.2
v4.9.3
v4.9.3.1
v4.9.3.2
v4.9.3.3
v4.9.4
v5.*
v5.0
v5.0.1
v5.0.2
v5.0.3
v5.0.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-45373.json"