4 matches found
CVE-2023-0278
creationtimestamp| type| source ---|---|--- 2025-03-11 04:41:13+00:00| seen| Telegram/zFsS5CSDaxWUJ0RD7E77y2U9RUZWLCFYgumkr4lU3GAm0d...
CVE-2023-0278
The CVE concerns the GeoDirectory WordPress plugin (pre-2.2.24). The root cause is that a parameter was not properly sanitised/escaped before being used in a SQL statement, enabling a SQL injection. The vulnerability affects authenticated users with admin-level privileges, as described in multipl...
CVE-2023-0278 GeoDirectory < 2.2.24 - Admin+ SQLi
The GeoDirectory WordPress plugin before 2.2.24 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
WordPress GeoDirectory Plugin < 2.2.24 is vulnerable to SQL Injection
Software GeoDirectory Type Plugin Vulnerable versions 2.2.24 Fixed in 2.2.24 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0278 Patch priority Low CVSS severity Low 5.5 Developer Claim ownership PSID d8f1393a7ea2 Credits Daniel Krohmer Required privilege Administrator...