2 matches found
CVE-2023-5465
CVE-2023-5465 affects the WordPress Popup with fancybox plugin. Vulnerable through version 3.5 due to insufficient escaping of user input and a lack of proper SQL query preparation. This enables authenticated attackers with subscriber-level permissions to append additional SQL, potentially exposi...
WordPress Popup with fancybox Plugin <= 3.5 is vulnerable to SQL Injection
Software Popup with fancybox Type Plugin Vulnerable versions = 3.5 Fixed in 3.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-5465 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 12bd56b92eb5 Credits István Márton Required privilege Contributor...