3 matches found
CVE-2023-0900 AP Pricing Tables Lite <= 1.1.6 - Admin+ SQLi
The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admins...
CVE-2023-0900
The CVE-2023-0900 issue affects the Pricing Table Builder WordPress plugin (versions 1.1.6 and earlier). A parameter used in a SQL statement is not properly sanitized/escaped, enabling SQL injection. The vulnerability can be exploited by high-privilege administrators (admin) to access database co...
WordPress AP Pricing Tables Lite Plugin <= 1.1.6 is vulnerable to SQL Injection
Software AP Pricing Tables Lite Type Plugin Vulnerable versions = 1.1.6 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0900 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 2904c68cd1aa Credits Simone Onofri Donato Onofri Required privileg...