CVE-2023-0277

The WC Fields Factory WordPress plugin through 4.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2023-0277

creationtimestamp| type| source ---|---|--- 2023-04-17 16:38:47+00:00| seen| https://t.me/cibsecurity/62274...

CVE-2023-0277

The WC Fields Factory WordPress plugin through 4.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2023-0277 WC Fields Factory <= 4.1.5 - ShopManager+ SQLi

The WC Fields Factory WordPress plugin through 4.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2023-0277

The CVE CVE-2023-0277 affects WC Fields Factory for WordPress (

WordPress WC Fields Factory Plugin <= 4.1.6 is vulnerable to SQL Injection

Software WC Fields Factory Type Plugin Vulnerable versions = 4.1.6 Fixed in 4.1.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0277 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID 9041a40cc32e Credits Daniel Krohmer Fraunhofer IESE Kunal Sharma...