HTTP: WordPress Ketchup Restaurant Reservations Plugin SQL Injection

This signature detects attempts to exploit a known vulnerability against Ketchup Restaurant Reservations Plugin of WordPress. A successful attack can lead to command injection and arbitrary code execution.

Extended Description

The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks

Affected Products

Ketchup_restaurant_reservations_project ketchup_restaurant_reservations

References

CVE: CVE-2022-2754

Short Name
HTTP:SQL:WP-KETCHIP-SQL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2022-2754 Injection Ketchup Plugin Reservations Restaurant SQL WordPress
Release Date
10/10/2022
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3533
False Positive
Unknown
Vendors

Ketchup_restaurant_reservations_project

Found a potential security threat?