Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:48 a.m.13 views

CVE-2023-2744

The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the type parameter in the erp/v1/accounting/v1/people REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.3AI score0.02632EPSS
Exploits5References1
GithubExploit
GithubExploit
added 2023/12/31 7:27 a.m.459 views

Exploit for CVE-2023-2744

Exploit Title: WP Plugins WP ERP = 1.12.2 - SQL Injection D...

7.2CVSS8.2AI score0.02632EPSS
Exploits5
Packet Storm
Packet Storm
added 2023/10/16 12:0 a.m.318 views

WordPress WP ERP 1.12.2 SQL Injection

Exploit Title: WP Plugins WP ERP = 1.12.2 - SQL Injection Date: 15-10-2023 Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/erp/ Vendor Homepage: https://wperp.com/ Version: 1.12.2 Tested on: Windows, Linux CVE: CVE-2023-2744 Product Description WP ERP is the first full-fledge...

7.2CVSS7.1AI score0.02632EPSS
Exploits5
0day.today
0day.today
added 2023/10/16 12:0 a.m.423 views

WordPress WP ERP 1.12.2 SQL Injection Vulnerability

Exploit Title: WP Plugins WP ERP = 1.12.2 - SQL Injection Exploit Author: Arvandy Software Link: https://wordpress.org/plugins/erp/ Vendor Homepage: https://wperp.com/ Version: 1.12.2 Tested on: Windows, Linux CVE: CVE-2023-2744 Product Description WP ERP is the first full-fledged ERP Enterprise...

7.2CVSS7.1AI score0.02632EPSS
Exploits5
OSV
OSV
added 2023/06/27 1:17 p.m.12 views

CVE-2023-2744 WP ERP < 1.12.4 - Admin+ SQL Injection

The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the type parameter in the erp/v1/accounting/v1/people REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.1AI score0.02632EPSS
Exploits5References5
CVE
CVE
added 2023/06/27 1:17 p.m.69 views

CVE-2023-2744

CVE-2023-2744 affects the WP ERP WordPress plugin pre-1.12.4. The vulnerability is a SQL injection in the REST endpoint erp/v1/accounting/v1/people where the type parameter is not properly sanitized/escaped before use in a SQL statement, allowing high-privilege users (e.g., admins) to potentially...

7.2CVSS7.1AI score0.02632EPSS
Exploits5References2Affected Software1
Patchstack
Patchstack
added 2023/06/22 12:0 a.m.22 views

WordPress Afterpay Gateway for WooCommerce Plugin < 1.12.4 is vulnerable to SQL Injection

Software Afterpay Gateway for WooCommerce Type Plugin Vulnerable versions 1.12.4 Fixed in 1.12.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-2744 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID d0e7ba2b77fa Credits Arvandy Required privilege...

7.2CVSS6.8AI score0.02632EPSS
Exploits5References4Affected Software1
Rows per page
Query Builder