Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/23 5:7 a.m.10 views

CVE-2023-5674

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

8.8CVSS7.5AI score0.10826EPSS
Exploits2References1
osv
osv
added 2023/12/26 7:15 p.m.6 views

CVE-2023-5674

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

8.8CVSS5.8AI score0.10826EPSS
Exploits2References1
nvd
nvd
added 2023/12/26 7:15 p.m.26 views

CVE-2023-5674

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

8.8CVSS0.10826EPSS
Exploits2References1
cvelist
cvelist
added 2023/12/26 6:33 p.m.29 views

CVE-2023-5674 WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs/send_mail endpoint

The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...

9.2AI score0.10826EPSS
Exploits2References1
cve
cve
added 2023/12/26 6:33 p.m.45 views

CVE-2023-5674

The CVE-2023-5674 entry describes a SQL injection in the WP Mail Log WordPress plugin prior to version 1.1.3. The issue arises from improper sanitization/escaping of a parameter used in a SQL statement within the wml_logs/send_mail endpoint, enabling exploitation by users with a low-privilege rol...

8.8CVSS9AI score0.10826EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder