Lucene search
K

4 matches found

Circl
Circl
added 2025/03/21 8:25 p.m.7 views

CVE-2023-0098

creationtimestamp| type| source ---|---|--- 2025-03-21 20:25:02+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8437...

8.8CVSS8.1AI score0.00943EPSS
Exploits2References1
OSV
OSV
added 2023/02/13 3:15 p.m.4 views

CVE-2023-0098

The Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber...

8.8CVSS5.8AI score0.00943EPSS
Exploits2References1
CVE
CVE
added 2023/02/13 2:32 p.m.61 views

CVE-2023-0098

CVE-2023-0098 – Simple URLs WordPress plugin : A SQL injection exists in versions prior to 115 due to unescaped input in AJAX actions accessible to any authenticated user (e.g., subscribers). This can allow low-privilege users to influence SQL statements. The issue is mitigated by upgrading to ve...

8.8CVSS8.9AI score0.00943EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2023/01/17 12:0 a.m.24 views

WordPress Simple URLs Plugin < 115 is vulnerable to SQL Injection

Software Simple URLs Type Plugin Vulnerable versions 115 Fixed in 115 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0098 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ce05d13c3118 Credits dc11 Required privilege Subscriber Published 17 January,...

8.8CVSS6.8AI score0.00943EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder