2 matches found
CVE-2023-4598
The Slimstat Analytics plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 5.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
PT-2024-38625 · Yith · Yith Woocommerce Ajax Search
Name of the Vulnerable Software and Affected Versions: YITH WooCommerce Ajax Search affected versions not specified Description: The issue is related to insufficient sanitization of user-supplied block attributes, which allows attackers with Contributors+ permissions to inject arbitrary scripts...