7 matches found
CVE-2023-23660
Auth. subscriber+ SQL Injection SQLi vulnerability in MainWP MainWP Maintenance Extension plugin = 4.1.1 versions...
CVE-2023-23660
Auth. subscriber+ SQL Injection SQLi vulnerability in MainWP MainWP Maintenance Extension plugin = 4.1.1 versions...
CVE-2023-23660
Auth. subscriber+ SQL Injection SQLi vulnerability in MainWP MainWP Maintenance Extension plugin = 4.1.1 versions...
Sql injection
Auth. subscriber+ SQL Injection SQLi vulnerability in MainWP MainWP Maintenance Extension plugin = 4.1.1 versions...
CVE-2023-23660
MainWP Maintenance Extension for WordPress is affected up to version 4.1.1 with an authenticated (subscriber) SQL Injection vulnerability. The root cause is a SQLi in the plugin that can be triggered by a subscriber. Fixed in version 4.1.2; upgrade to mitigate. Patchstack also lists high risk (CV...
WordPress MainWP Maintenance Extension Plugin <= 4.1.1 is vulnerable to SQL Injection
Software MainWP Maintenance Extension Type Plugin Vulnerable versions = 4.1.1 Fixed in 4.1.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-23660 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 9ddad2ceeae4 Credits Dave Jong Patchstack Required...
WordPress MainWP Maintenance Extension Plugin <= 4.1.1 is vulnerable to Settings Change
Software MainWP Maintenance Extension Type Plugin Vulnerable versions = 4.1.1 Fixed in 4.1.2 OWASP Top 10 A5: Broken Access Control Classification Settings Change CVE CVE-2023-23662 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 8194a64eddf2 Credits Dave Jong...