5 matches found
CVE-2023-0579
The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks...
CVE-2023-0579
The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks...
CVE-2023-0579 YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi
The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks...
CVE-2023-0579 YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi
The YARPP WordPress plugin before 5.30.3 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection attacks...
CVE-2023-0579
CVE-2023-0579 affects the YARPP (Yet Another Related Posts Plugin) for WordPress, with versions prior to 5.30.3 vulnerable. The issue is that the plugin does not validate and escape certain shortcode attributes before interpolating them into SQL statements, enabling SQL injection by any authentic...