3 matches found
WordPress Groundhogg Plugin < 2.7.9.4 is vulnerable to SQL Injection
Software Groundhogg Type Plugin Vulnerable versions 2.7.9.4 Fixed in 2.7.9.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-1425 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 167f137b46dd Credits rSolutions Security Team Required privilege...
CVE-2023-1425 Groundhogg Contacts < 2.7.9.4 - Admin+ SQLi
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg WordPress plugin before 2.7.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...
CVE-2023-1425 Groundhogg Contacts < 2.7.9.4 - Admin+ SQLi
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg WordPress plugin before 2.7.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...