4 matches found
CVE-2023-1408 Video List Manager <= 1.7 - Admin+ SQL Injection
The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2023-1408 Video List Manager <= 1.7 - Admin+ SQL Injection
The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...
CVE-2023-1408
CVE-2023-1408 affects the Video List Manager WordPress plugin (
WordPress Video List Manager Plugin <= 1.7 is vulnerable to SQL Injection
Software Video List Manager Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-1408 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID ca6c3ba4113e Credits zhangyunpei and Yeting Li VARAS@IIE Required...