CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-3211

The WordPress Database Administrator WordPress plugin through 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.6%

CVSS Severity

CVSS v3 Score 9.8

References

https://wpscan.com/vulnerability/873824f0-e8b1-45bd-8579-bc3c649a54e5/
https://wpscan.com/vulnerability/873824f0-e8b1-45bd-8579-bc3c649a54e5/

Products affected by CVE-2023-3211

Dmparekh » Wordpress Database Administrator » Version: Any

cpe:2.3:a:dmparekh:wordpress_database_administrator:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3211

Products

Pricing

Contact Us