2 matches found
CVE-2023-2484
CVE-2023-2484 : The Active Directory Integration / LDAP Integration plugin for WordPress is affected in versions up to 4.1.4 by time-based SQL Injection via the vulnerable orderby and order parameters due to insufficient escaping and lack of proper SQL preparation. Exploitation requires authentic...
WordPress Active Directory Integration / LDAP Integration Plugin <= 4.1.4 is vulnerable to SQL Injection
Software Active Directory Integration / LDAP Integration Type Plugin Vulnerable versions = 4.1.4 Fixed in 4.1.5 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2484 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 166c0938a64d Credits Marco Wotschka...