CVE-2023-0388

The Random Text WordPress plugin through 0.3.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers...

CVE-2023-0388

CVE-2023-0388 – Random Text WordPress plugin

CVE-2023-0388 Random Text <= 0.3.0 - Subscriber+ SQLi

The Random Text WordPress plugin through 0.3.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers...

WordPress plugin Random Text SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress Random Text Plugin <= 0.3.0 is vulnerable to SQL Injection

Software Random Text Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-0388 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID a97bfdc5fe90 Credits Lana Codes Required privilege Subscriber Published 12...

Scareware Scammers Hijack Twitter Trending Topics

Security researchers are reporting on an ongoing scareware serving campaign abusing the popular micro-blogging service Twitter. Hundreds of tweets using four different URL shortening services are currently spammed through the automatically registered Twitter accounts, relying on a pseudo-random...

AvailScript Article Script - Arbitrary File Upload

Availscript Article Script Remote File Upload Vulnerability ---------------------------------------------------------- Discovered By: S.W.A.T. [email protected] Home: www.batlagh.com Script Page: http://www.availscript.com/articlescript.php...