CVE-2022-45805: 
WordPress vulnerability analysis and mitigation

The Paytm Payment Gateway WordPress plugin versions up to 2.7.3 contains an SQL Injection vulnerability (CVE-2022-45805). The vulnerability was discovered by Aman Rawat and was published on February 22, 2023. This security issue affects the plugin's functionality and requires editor-level privileges to exploit (Patchstack).

The vulnerability is classified as an SQL Injection (CWE-89: Improper Neutralization of Special Elements used in an SQL Command). It received a CVSS v3.1 base score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating high severity across confidentiality, integrity, and availability impacts (NVD).

The SQL Injection vulnerability could allow a malicious actor with editor-level access to directly interact with the database, potentially leading to unauthorized data access, modification, or deletion of database contents (Patchstack).

Users are advised to update to version 2.7.7 or later of the Paytm Payment Gateway plugin to remediate this vulnerability. Patchstack has also issued a virtual patch to mitigate this issue by blocking potential attacks until users can update to a fixed version (Patchstack).