Lucene search

PatchstackVULNRICHMENT:CVE-2023-32508

HistoryNov 03, 2023 - 4:18 p.m.

CVE-2023-32508 WordPress Order Your Posts Manually Plugin <= 2.2.5 is vulnerable to SQL Injection

2023-11-0316:18:55

CWE-89

Patchstack

github.com

wordpress

sql injection

rolf van gelder

AI Score

7.9

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Rolf van Gelder Order Your Posts Manually allows SQL Injection.This issue affects Order Your Posts Manually: from n/a through 2.2.5.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:rolfvangelder:order_your_posts_monthly:*:*:*:*:*:*:*:*"
    ],
    "vendor": "rolfvangelder",
    "product": "order_your_posts_monthly",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "2.2.5"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

patchstack.com/database/vulnerability/order-your-posts-manually/wordpress-order-your-posts-manually-plugin-2-2-5-sql-injection-vulnerability?_s_id=cve