Vulnerability Details CVE-2023-28748
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in biztechc Copy or Move Comments allows SQL Injection.This issue affects Copy or Move Comments: from n/a through 5.0.4.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.6%
CVSS Severity
CVSS v3 Score 9.8
References
- https://patchstack.com/database/vulnerability/copy-or-move-comments/wordpress-copy-or-move-comments-plugin-5-0-4-sql-injection-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/copy-or-move-comments/wordpress-copy-or-move-comments-plugin-5-0-4-sql-injection-vulnerability?_s_id=cve
Products affected by CVE-2023-28748
-
cpe:2.3:a:appjetty:copy_or_move_comments:1.0.0
-
cpe:2.3:a:appjetty:copy_or_move_comments:1.0.1
-
cpe:2.3:a:appjetty:copy_or_move_comments:2.0.0
-
cpe:2.3:a:appjetty:copy_or_move_comments:3.0.0
-
cpe:2.3:a:appjetty:copy_or_move_comments:3.0.1
-
cpe:2.3:a:appjetty:copy_or_move_comments:4.0.0
-
cpe:2.3:a:appjetty:copy_or_move_comments:4.0.1
-
cpe:2.3:a:appjetty:copy_or_move_comments:4.0.2
-
cpe:2.3:a:appjetty:copy_or_move_comments:5.0.2
-
cpe:2.3:a:appjetty:copy_or_move_comments:5.0.3
-
cpe:2.3:a:appjetty:copy_or_move_comments:5.0.4