4 matches found
Exploit for SQL Injection in Wp-Slimstat Slimstat_Analytics
CVE-2023-0630 CVE-2023-0630 - Slimstat Analytics 4.9.3.3...
CVE-2023-0630 Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection
The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query...
CVE-2023-0630
The Slimstat Analytics WordPress plugin (pre-4.9.3.3) is vulnerable to SQL injection via shortcodes that concatenate attributes directly into SQL queries. Root cause: improper handling of shortcode attributes allows crafting queries that reach the database (CWE-89). Impact per sources: potential ...
WordPress Slimstat Analytics Plugin <= 4.9.3.2 is vulnerable to SQL Injection
Software Slimstat Analytics Type Plugin Vulnerable versions = 4.9.3.2 Fixed in 4.9.3.3 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0630 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 4253ca9a6d2d Credits Marc Montpas Required privilege Subscribe...