Lucene search
PatchstackCVELIST:CVE-2023-27610HistoryApr 16, 2023 - 7:41 a.m.
CVE-2023-27610 WordPress Transbank Webpay REST Plugin <= 1.6.6 is vulnerable to SQL Injection
2023-04-1607:41:13
CWE-89
Patchstack
www.cve.org
cve-2023-27610
sql injection
authentication
transbankdevelopers
wordpress
rest plugin
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.9%
Auth. (admin+) SQL Injection (SQLi) vulnerability in TransbankDevelopers Transbank Webpay REST plugin <=Β 1.6.6 versions.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "transbank-webpay-plus-rest",
"product": "Transbank Webpay REST",
"vendor": "TransbankDevelopers",
"versions": [
{
"changes": [
{
"at": "1.6.7",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.6.6",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Transbank Webpay REST < 1.6.7 - Admin+ SQLi
2023-04-06 00:00:00
cve
cve
CVE-2023-27610
2023-04-16 08:15:07
prion
prion
Sql injection
2023-04-16 08:15:00
nvd
nvd
CVE-2023-27610
2023-04-16 08:15:07
wordfence
wordfence
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.9%
Related for CVELIST:CVE-2023-27610