Lucene search
PRIOn knowledge basePRION:CVE-2023-2744HistoryJun 27, 2023 - 2:15 p.m.
Sql injection
2023-06-2714:15:00
PRIOn knowledge base
www.prio-n.com
4
erp
wordpress
sql injection
vulnerability
rest api
privilege users
admin
0.001 Low
EPSS
Percentile
41.0%
The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the type parameter in the erp/v1/accounting/v1/people REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
Related
wpexploit
wpexploit
WP ERP < 1.12.4 - Admin+ SQL Injection
2023-06-05 00:00:00
wpvulndb
wpvulndb
WP ERP < 1.12.4 - Admin+ SQL Injection
2023-06-05 00:00:00
cvelist
cvelist
CVE-2023-2744 WP ERP < 1.12.4 - Admin+ SQL Injection
2023-06-27 13:17:11
nvd
nvd
CVE-2023-2744
2023-06-27 14:15:11
cve
cve
CVE-2023-2744
2023-06-27 14:15:11
githubexploit
githubexploit
Exploit for CVE-2023-2744
2023-12-31 07:27:17
packetstorm
packetstorm
WordPress WP ERP 1.12.2 SQL Injection
2023-10-16 00:00:00
zdt
zdt
WordPress WP ERP 1.12.2 SQL Injection Vulnerability
2023-10-16 00:00:00