3 matches found
CVE-2023-34383
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP Project Manager wedevs-project-manager allows SQL Injection.This issue affects WP Project Manager: from n/a through 2.6.0...
CVE-2023-34383
CVE-2023-34383 affects the WordPress plugin WP Project Manager (weDevs) up to version 2.6.0. It is a SQL Injection vulnerability caused by improper neutralization of input in SQL commands, leading to unauthorized data access or manipulation when exploited by authenticated users (Subscriber+). Pub...
WordPress WP Project Manager Plugin <= 2.6.0 is vulnerable to SQL Injection
Software WP Project Manager Type Plugin Vulnerable versions = 2.6.0 Fixed in 2.6.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-34383 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 02d3661940eb Credits Theodoros Malachias Required privilege...