Lucene search
PatchstackCVE-2023-47852HistoryDec 20, 2023 - 3:15 p.m.
CVE-2023-47852
2023-12-2015:15:09
CWE-89
Patchstack
web.nvd.nist.gov
49
cve
sql injection
link whisper free
security vulnerability
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
EPSS
0.001
Percentile
19.3%
Improper Neutralization of Special Elements used in an SQL Command (βSQL Injectionβ) vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.6.5.
Affected configurations
Node
linkwhisperlink_whisper_freeRange<0.6.6wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linkwhisper | link_whisper_free | * | cpe:2.3:a:linkwhisper:link_whisper_free:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "link-whisper",
"product": "Link Whisper Free",
"vendor": "Link Whisper",
"versions": [
{
"changes": [
{
"at": "0.6.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "0.6.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-47852
2023-12-20 15:15:09
wpvulndb
wpvulndb
Link Whisper Free < 0.6.6 - Authenticated (Contributor+) SQL Injection
2023-11-29 00:00:00
cvelist
cvelist
prion
prion
Sql injection
2023-12-20 15:15:00
wordfence
wordfence
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
EPSS
0.001
Percentile
19.3%
Related for CVE-2023-47852