4 matches found
CVE-2023-0098
creationtimestamp| type| source ---|---|--- 2025-03-21 20:25:02+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8437...
CVE-2023-0098
The Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber...
CVE-2023-0098
CVE-2023-0098 – Simple URLs WordPress plugin : A SQL injection exists in versions prior to 115 due to unescaped input in AJAX actions accessible to any authenticated user (e.g., subscribers). This can allow low-privilege users to influence SQL statements. The issue is mitigated by upgrading to ve...
WordPress Simple URLs Plugin < 115 is vulnerable to SQL Injection
Software Simple URLs Type Plugin Vulnerable versions 115 Fixed in 115 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0098 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID ce05d13c3118 Credits dc11 Required privilege Subscriber Published 17 January,...