Lucene search
WpvulndbWPVDB-ID:598FDDE8-2D16-4531-9EC2-A9FF99695AF5HistoryOct 20, 2023 - 12:00 a.m.
Horizontal scrolling announcement <= 9.2 - Authenticated (subscriber+) Blind SQL Injection
2023-10-2000:00:00
wpscan.com
2
plugin
authenticated
subscriber+
blind sql injection
sql statement
low privilege users
Description The plugin did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing low privilege users (subscriber+) to perform Blind SQL Injection attack.
Related
nvd
nvd
CVE-2023-4999
2023-10-20 08:15:12
cvelist
cvelist
CVE-2023-4999
2023-10-20 07:29:29
cve
cve
CVE-2023-4999
2023-10-20 08:15:12
prion
prion
Sql injection
2023-10-20 08:15:00
wordfence
wordfence
7.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
19.4%
Related for WPVDB-ID:598FDDE8-2D16-4531-9EC2-A9FF99695AF5