6 matches found
CVE-2023-0263
The WP Yelp Review Slider WordPress plugin before 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2023-0263
The WP Yelp Review Slider WordPress plugin before 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2023-0263 WP Yelp Review Slider < 7.1 - Subscriber+ SQLi
The WP Yelp Review Slider WordPress plugin before 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2023-0263 WP Yelp Review Slider < 7.1 - Subscriber+ SQLi
The WP Yelp Review Slider WordPress plugin before 7.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2023-0263
CVE-2023-0263 affects the WordPress plugin “WP Yelp Review Slider” prior to version 7.1. The root cause is improper sanitisation/escaping of a parameter used in a SQL statement, enabling a SQL injection. Impact is exploitable by users with a low privilege level (subscriber) and can affect data co...
WordPress WP Yelp Review Slider Plugin < 7.1 is vulnerable to SQL Injection
Software WP Yelp Review Slider Type Plugin Vulnerable versions 7.1 Fixed in 7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0263 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 5ea7b649b637 Credits István Márton Required privilege Subscriber...