CVE-2023-0579 in YARPP Plugininformação

Sumário

de MITRE • 16/08/2023

The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

30/01/2023

Divulgação

16/08/2023

Moderação

aceite

Entrada

VDB-237306

CPE

pronto

CWE

CWE-89 (confirmado)

CVSS

8.8 (NVD)

EPSS

0.00347

KEV

não

Atividades

muito baixo

Sector

Hostingprovider

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-0579
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-0579
CVE Details	https://www.cvedetails.com/cve/CVE-2023-0579/

◂ Voltar Visão Geral Próximo ▸

Do you need the next level of professionalism?

Upgrade your account now!