Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2023-0955
HistoryMar 27, 2023 - 4:15 p.m.

CVE-2023-0955

2023-03-2716:15:09
Google
osv.dev
7

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.8%

JSON

The WP Statistics WordPress plugin before 14.0 does not escape a parameter, which could allow authenticated users to perform SQL Injection attacks. By default, the affected feature is available to users with the manage_options capability (admin+), however the plugin has a settings to allow low privilege users to access it as well.

Related

wpexploit 1
prion 1
cve 1
wpvulndb 1
cvelist 1
openvas 1
wordfence 1
wpexploit
wpexploit
WP Statistics < 14.0 - Authenticated SQLi
2023-03-06 00:00:00
prion
prion
Sql injection
2023-03-27 16:15:00
cve
cve
CVE-2023-0955
2023-03-27 16:15:09
wpvulndb
wpvulndb
WP Statistics < 14.0 - Authenticated SQLi
2023-03-06 00:00:00
cvelist
cvelist
CVE-2023-0955 WP Statistics < 14.0 - Authenticated SQLi
2023-03-27 15:37:29
openvas
openvas
WordPress WP Statistics Plugin < 13.2.11 Multiple SQLi Vulnerabilities
2023-03-10 00:00:00
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (Mar 6, 2023 to Mar 12, 2023)
2023-03-16 13:53:38

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.8%

JSON
Related for OSV:CVE-2023-0955
wpexploit1prion1cve1wpvulndb1cvelist1openvas1wordfence1