Vulnerabilities and security researches forletsrecover-woocommerce-abandoned-cart

CVE, Research URL: CVE-2022-4355
Home page URL: Security reports for LetsRecover – WooCommerce Abandoned Cart Notifications
Application: LetsRecover – WooCommerce Abandoned Cart Notifications
Date: Jan 03, 2023
Research Description: The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Affected versions: max 1.2.0.
Status: vulnerable

CVE, Research URL: CVE-2022-4356
Home page URL: Security reports for LetsRecover – WooCommerce Abandoned Cart Notifications
Application: LetsRecover – WooCommerce Abandoned Cart Notifications
Date: Jan 03, 2023
Research Description: The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Affected versions: max 1.2.0.
Status: vulnerable

CVE, Research URL: CVE-2022-4357
Home page URL: Security reports for LetsRecover – WooCommerce Abandoned Cart Notifications
Application: LetsRecover – WooCommerce Abandoned Cart Notifications
Date: Jan 03, 2023
Research Description: The LetsRecover WordPress plugin before 1.2.0 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
Affected versions: max 1.2.0.
Status: vulnerable

Vulnerabilities and security researches forletsrecover-woocommerce-abandoned-cart letsrecover-woocommerce-abandoned-cart