CVE-2023-2482

🗓️ 27 Jun 2023 13:17:10Reported by WPScanType

cve🔗 web.nvd.nist.gov👁 50 Views🌐 WEB

The Responsive CSS EDITOR WordPress plugin allows SQL injection by high-privilege users

Reporter	Title	Published	Views	Family All 13
CNNVD	WordPress plugin Responsive CSS EDITOR SQL注入漏洞	27 Jun 202300:00	–	cnnvd
Cvelist	CVE-2023-2482 Responsive CSS EDITOR <= 1.0 - Admin+ SQLi	27 Jun 202313:17	–	cvelist
EUVD	EUVD-2023-33966	3 Oct 202520:07	–	euvd
NVD	CVE-2023-2482	27 Jun 202314:15	–	nvd
OSV	CVE-2023-2482	27 Jun 202314:15	–	osv
Patchstack	WordPress Responsive CSS EDITOR Plugin <= 1.0 is vulnerable to SQL Injection	5 Jun 202300:00	–	patchstack
Prion	Sql injection	27 Jun 202314:15	–	prion
Positive Technologies	PT-2023-19801 · WordPress · Responsive Css Editor	27 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-2482	23 May 202501:53	–	redhatcve
Vulnrichment	CVE-2023-2482 Responsive CSS EDITOR <= 1.0 - Admin+ SQLi	27 Jun 202313:17	–	vulnrichment

NVD

Vulners

Node

wpwox responsive_css_editorRange≤1.0wordpress

[
  {
    "vendor": "Unknown",
    "product": "Responsive CSS EDITOR",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThanOrEqual": "1.0"
      }
    ],
    "defaultStatus": "affected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/c0f73781-be7e-482e-91de-ad7991ad4bd5

Parameter	Position	Path	Description	CWE
bid	query param	/wp-admin/admin.php?page=responsive_css_editor_setting&updateorder=false&deletebreakpoints=true&bid=(select*from(select(sleep(5)))a)	SQL injection via bid parameter due to insufficient sanitization/escaping in responsive_css_editor (CVE-2023-2482).	CWE-89

17 Jun 2026 05:52Current

7.2High risk

Vulners AI Score7.2

CVSS 3.17.2

EPSS0.0085

SSVC

CWE-89