exploitDog

GHSA-8vm8-c6hh-42j7

Опубликовано: 20 мар. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.

The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.

Ссылки

EPSS

Процентиль: 100%

0.92822

Критический

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-0630

CVSS3: 8.8

nvd

почти 3 года назад

The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.

EPSS

Процентиль: 100%

0.92822

Критический

8.8 High

CVSS3

CVE ID

Дефекты

CWE-89