Vulnerability Details CVE-2023-1408
The Video List Manager WordPress plugin through 1.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
Exploit prediction scoring system (EPSS) score
EPSS Score 0.15
EPSS Ranking 94.2%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2023-1408
-
cpe:2.3:a:video_list_manager_project:video_list_manager:*