Vulnerability Details CVE-2023-32741
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.8%
CVSS Severity
CVSS v3 Score 7.2
References
- http://packetstormsecurity.com/files/175654/WordPress-Contact-Form-To-Any-API-1.1.2-SQL-Injection.html
- https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerability?_s_id=cve
- http://packetstormsecurity.com/files/175654/WordPress-Contact-Form-To-Any-API-1.1.2-SQL-Injection.html
- https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerability?_s_id=cve
Products affected by CVE-2023-32741
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:-
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.0
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.1
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.2
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.3
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.4
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.5
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.6
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.7
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.8
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.0.9
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.1.0
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.1.1
-
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:1.1.2