Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:7 a.m.10 views

CVE-2023-5674

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

8.8CVSS7.5AI score0.10826EPSS
Exploits2References1
NVD
NVD
added 2023/12/26 7:15 p.m.25 views

CVE-2023-5674

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

8.8CVSS0.10826EPSS
Exploits2References1
OSV
OSV
added 2023/12/26 7:15 p.m.6 views

CVE-2023-5674

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

8.8CVSS5.8AI score0.10826EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/12/26 6:33 p.m.28 views

CVE-2023-5674 WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs/send_mail endpoint

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

9.2AI score0.10826EPSS
Exploits2References1
CVE
CVE
added 2023/12/26 6:33 p.m.45 views

CVE-2023-5674

The CVE-2023-5674 entry describes a SQL injection in the WP Mail Log WordPress plugin prior to version 1.1.3. The issue arises from improper sanitization/escaping of a parameter used in a SQL statement within the wml_logs/send_mail endpoint, enabling exploitation by users with a low-privilege rol...

8.8CVSS9AI score0.10826EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder