
6 matches found

OSV
added 2023/05/30 8:15 a.m. | 5 views

CVE-2023-2111

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

CVSS 4.9 | AI score 6.7 | EPSS 0.00752
Exploits: 2 | References: 1

NVD
added 2023/05/30 8:15 a.m. | 15 views

CVE-2023-2111

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

CVSS 4.9 | AI score 5.2 | EPSS 0.00752
Exploits: 2 | References: 1

Cvelist
added 2023/05/30 7:49 a.m. | 24 views

CVE-2023-2111 HollerBox < 2.1.4 - Admin+ SQL Injection

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

AI score 5.6 | EPSS 0.00752
Exploits: 2 | References: 1

Vulnrichment
added 2023/05/30 7:49 a.m. | 7 views

CVE-2023-2111 HollerBox < 2.1.4 - Admin+ SQL Injection

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugin's report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the site's...

AI score 6.8 | EPSS 0.00752
Exploits: 2 | References: 1

CVE
added 2023/05/30 7:49 a.m. | 62 views

CVE-2023-2111

CVE-2023-2111 affects the WordPress plugin HollerBox (Fast & Effective Popups & Lead-Generation) up to version 2.1.3. The root cause is that user input is concatenated into an SQL query in the plugin’s report API endpoint without proper escaping, enabling potential information disclosure in multi...

CVSS 4.9 | AI score 5.5 | EPSS 0.00752
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack
added 2023/05/04 12:0 a.m. | 10 views

WordPress HollerBox Plugin <= 2.1.3 is vulnerable to SQL Injection

Software: HollerBox; Type: Plugin; Vulnerable versions: <= 2.1.3; Fixed in: 2.1.4; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-2111; Patch priority: Low; CVSS severity: Low 8.5; PSID: 81f314d3ef98; Credits: rSolutions Security Team; Required privilege: Administrato...

CVSS 4.9 | AI score 6.8 | EPSS 0.00752
Exploits: 2 | References: 5 | Affected Software: 1