Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:50 a.m.9 views

CVE-2023-2719

The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the id parameter for an Agent in the REST API before using it in an SQL statement, leading to an SQL Injection exploitable by users with a role as low as Subscriber...

8.8CVSS7.8AI score0.01203EPSS
Exploits1References1
NVD
NVD
added 2023/06/19 11:15 a.m.24 views

CVE-2023-2719

The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the id parameter for an Agent in the REST API before using it in an SQL statement, leading to an SQL Injection exploitable by users with a role as low as Subscriber...

8.8CVSS9.1AI score0.01203EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/06/19 10:52 a.m.32 views

CVE-2023-2719 SupportCandy < 3.1.7 - Subscriber+ SQLi

The SupportCandy WordPress plugin before 3.1.7 does not properly sanitise and escape the id parameter for an Agent in the REST API before using it in an SQL statement, leading to an SQL Injection exploitable by users with a role as low as Subscriber...

9.3AI score0.01203EPSS
Exploits1References1
CVE
CVE
added 2023/06/19 10:52 a.m.68 views

CVE-2023-2719

CVE-2023-2719 concerns the WordPress plugin SupportCandy prior to version 3.1.7. The issue is an SQL Injection caused by insufficient sanitization/escaping of the REST API Agent endpoint’s id parameter before it is used in an SQL statement. This can be exploited by users with as little as a Subsc...

8.8CVSS9.3AI score0.01203EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2023/06/19 12:0 a.m.11 views

WordPress SupportCandy Plugin < 3.1.7 is vulnerable to SQL Injection

Software SupportCandy Type Plugin Vulnerable versions 3.1.7 Fixed in 3.1.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2719 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID c15c7e980643 Credits dc11 Required privilege Subscriber Published 19 June,...

8.8CVSS6.8AI score0.01203EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder