CVE-2023-4797
CVE-2023-4797 affects the Newsletters WordPress plugin before 4.9.3, where user-supplied parameters appended to SQL queries and shell commands are not properly escaped, enabling potential administrator-led arbitrary command execution on the server. The Red Hat/NVD entries corroborate the same des...