Lucene search
CVE-2023-0630
The Slimstat Analytics WordPress plugin allows SQL concatenation by subscriber
Show more
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection | 27 Feb 202300:00 | – | wpvulndb |
 | CVE-2023-0630 Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection | 20 Mar 202315:52 | – | vulnrichment |
 | CVE-2023-0630 | 20 Mar 202316:15 | – | osv |
 | CVE-2023-0630 | 20 Mar 202316:15 | – | nvd |
 | CVE-2023-0630 Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection | 20 Mar 202315:52 | – | cvelist |
 | Slimstat Analytics < 4.9.3.3 Subscriber - SQL Injection | 16 Jun 202300:22 | – | nuclei |
 | Code injection | 20 Mar 202316:15 | – | prion |
 | WordPress Slimstat Analytics Plugin <= 4.9.3.2 is vulnerable to SQL Injection | 28 Feb 202300:00 | – | patchstack |
 | Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection | 27 Feb 202300:00 | – | wpexploit |
 | Exploit for CVE-2023-0630 | 9 Jun 202312:02 | – | githubexploit |
10
Node
[
{
"vendor": "Unknown",
"product": "Slimstat Analytics",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "4.1",
"lessThan": "4.9.3.3"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | request body | /wp-admin/admin-ajax.php | SQL Injection vulnerability allowing subscribers to manipulate SQL queries via shortcodes. | CWE-89 |
| shortcode | request body | /wp-admin/admin-ajax.php | SQL Injection vulnerability allowing subscribers to manipulate SQL queries via shortcodes. | CWE-89 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo20 Mar 2023 16:15Current
8.9High risk
Vulners AI Score8.9
CVSS38.8
EPSS0.93141
SSVC