Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:33 a.m.8 views

CVE-2023-2761

The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the txtsearch parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.3AI score0.00717EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/07/24 10:20 a.m.14 views

CVE-2023-2761 User Activity Log < 1.6.3 - Admin+ SQL Injection

The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the txtsearch parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin...

7.3AI score0.00717EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/07/24 10:20 a.m.29 views

CVE-2023-2761 User Activity Log < 1.6.3 - Admin+ SQL Injection

The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the txtsearch parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin...

7.4AI score0.00717EPSS
Exploits2References1
CVE
CVE
added 2023/07/24 10:20 a.m.67 views

CVE-2023-2761

The CVE-2023-2761 entry concerns the WordPress plugin User Activity Log, affected in versions prior to 1.6.3. The vulnerability is a SQL injection in admin pages caused by improper sanitisation/escaping of the txtsearch parameter used in SQL statements. Impact is high: remote-like access is not r...

7.2CVSS7.1AI score0.00717EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder