8 matches found
WordPress AN_Gradebook 5.0.1 SQL Injection
!/usr/bin/python3 Exploit Title: WordPress Plugin ANGradebook = 5.0.1 - Subscriber+ SQLi Date: 2023-07-26 Exploit Author: Lukas Kinneberg Github: https://github.com/lukinneberg/CVE-2023-2636 Vendor Homepage: https://wordpress.org/plugins/an-gradebook/ Software Link:...
CVE-2023-2636
creationtimestamp| type| source ---|---|--- 2023-07-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51632 2023-08-08 13:26:31+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8812...
WordPress AN_Gradebook 5.0.1 Plugin - SQL injection Vulnerability
!/usr/bin/python3 Exploit Title: WordPress Plugin ANGradebook = 5.0.1 - Subscriber+ SQLi Date: 2023-07-26 Exploit Author: Lukas Kinneberg Github: https://github.com/lukinneberg/CVE-2023-2636 Vendor Homepage: https://wordpress.org/plugins/an-gradebook/ Software Link:...
CVE-2023-2636
The ANGradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2023-2636 AN_GradeBook <= 5.0.1 - Subscriber+ SQLi
The ANGradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2023-2636 AN_GradeBook <= 5.0.1 - Subscriber+ SQLi
The ANGradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2023-2636
The CVE-2023-2636 entry concerns the WordPress plugin AN_GradeBook (up to version 5.0.1). The vulnerability arises because a parameter is not properly sanitized/escaped before being used in a SQL statement, enabling SQL injection. The impact is a potentially high-severity breach with the attack s...
WordPress AN_GradeBook Plugin <= 5.0.1 is vulnerable to SQL Injection
Software ANGradeBook Type Plugin Vulnerable versions = 5.0.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2636 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 3bf8fa61c014 Credits Lukas Kinneberg Required privilege Subscriber Publishe...