CVE-2023-0278 in GeoDirectory Plugin
Sumário
de MITRE • 27/02/2023
The GeoDirectory WordPress plugin before 2.2.24 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.