Lucene search
HistoryApr 16, 2023 - 8:15 a.m.
CVE-2023-27610
cve-2023-27610
sql injection
transbankdevelopers
transbank webpay
nvd
security vulnerability
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.9%
Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelopers Transbank Webpay REST plugin <=Β 1.6.6 versions.
Affected configurations
Node
transbankdeveloperstransbank_webpay_restRangeβ€1.6.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| transbank:transbank_webpay_rest | transbank transbank webpay rest | le | 1.6.6 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "transbank-webpay-plus-rest",
"product": "Transbank Webpay REST",
"vendor": "TransbankDevelopers",
"versions": [
{
"changes": [
{
"at": "1.6.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Social References
More
Related
cvelist
cvelist
wpvulndb
wpvulndb
Transbank Webpay REST < 1.6.7 - Admin+ SQLi
2023-04-06 00:00:00
prion
prion
Sql injection
2023-04-16 08:15:00
nvd
nvd
CVE-2023-27610
2023-04-16 08:15:07
wordfence
wordfence
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.9%
Related for CVE-2023-27610