Lucene search

[email protected]NVD:CVE-2023-33209

HistoryDec 20, 2023 - 4:15 p.m.

CVE-2023-33209

2023-12-2016:15:08

CWE-89

[email protected]

web.nvd.nist.gov

sql injection

crawlspider

seo change monitor

vulnerability

website changes

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

EPSS

0.001

Percentile

19.4%

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in CrawlSpider SEO Change Monitor – Track Website Changes.This issue affects SEO Change Monitor – Track Website Changes: from n/a through 1.2.

Affected configurations

Nvd

Node

crawlspiderseo_change_monitorRange<1.3wordpress

VendorProductVersionCPE
crawlspiderseo_change_monitor*cpe:2.3:a:crawlspider:seo_change_monitor:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
crawlspider	seo_change_monitor	*	cpe:2.3:a:crawlspider:seo_change_monitor::::::wordpress::*

References

patchstack.com/database/vulnerability/seo-change-monitor/wordpress-seo-change-monitor-plugin-1-2-sql-injection-vulnerability?_s_id=cve

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

EPSS

0.001

Percentile

19.4%

JSON

Related for NVD:CVE-2023-33209

cve1 vulnrichment1 prion1 cvelist1 wordfence1