Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2023-2843
HistoryAug 07, 2023 - 2:31 p.m.

CVE-2023-2843 MultiParcels Shipping For WooCommerce < 1.14.15 - Subscribers+ SQLi

2023-08-0714:31:25
WPScan
www.cve.org
cve-2023-2843
multiparcels shipping
woocommerce
sql injection
wordpress plugin

0.001 Low

EPSS

Percentile

19.9%

JSON

The MultiParcels Shipping For WooCommerce WordPress plugin before 1.14.15 does not properly sanitize and escape a parameter before using it in an SQL statement, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks.

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "MultiParcels Shipping For WooCommerce",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "1.14.15"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Related

nvd 1
wpvulndb 1
prion 1
wpexploit 1
cve 1
wordfence 1
nvd
nvd
CVE-2023-2843
2023-08-07 15:15:10
wpvulndb
wpvulndb
MultiParcels Shipping For WooCommerce < 1.14.15 - Subscriber+ SQLi
2023-07-17 00:00:00
prion
prion
Sql injection
2023-08-07 15:15:00
wpexploit
wpexploit
MultiParcels Shipping For WooCommerce < 1.14.15 - Subscriber+ SQLi
2023-07-17 00:00:00
cve
cve
CVE-2023-2843
2023-08-07 15:15:10
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (July 17, 2023 to July 23, 2023)
2023-07-27 15:52:29

0.001 Low

EPSS

Percentile

19.9%

JSON
Related for CVELIST:CVE-2023-2843
nvd1wpvulndb1prion1wpexploit1cve1wordfence1