3 matches found
CVE-2023-36508
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress contact-form-to-db allows SQL Injection.This issue affects Contact Form to DB by BestWebSoft – Messages Databa...
CVE-2023-36508
CVE-2023-36508 —SQL Injection in the WordPress plugin "Contact Form to DB by BestWebSoft – Messages Database". Affected versions: from n/a through 1.7.1 (BestWebSoft). Root cause: improper neutralization of input in SQL commands, enabling unauthenticated injection under administrator context. Imp...
WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.1 is vulnerable to SQL Injection
Software Contact Form to DB by BestWebSoft Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-36508 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID d7318d25ca7b Credits LEE SE HYOUNG hackintoanetwork...