CVE-2023-2201
CVE-2023-2201 affects Web Directory Free for WordPress (plugin) up to version 1.6.7. Root cause: insufficient escaping and lack of prepared SQL in the post_id parameter, enabling an authenticated contributor to inject additional SQL into existing queries and potentially exfiltrate data. Public de...