CVE-2022-3481 Information

Description

The WooCommerce Dropshipping WordPress plugin before 4.4 does not properly sanitise and escape a parameter before using it in a SQL statement via a REST endpoint available to unauthenticated users leading to a SQL injection

Reference

https://wpscan.com/vulnerability/c5e395f8-257e-49eb-afbd-9c1e26045373