CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-5203

The WP Sessions Time Monitoring Full Automatic WordPress plugin before 1.0.9 does not sanitize the request URL or query parameters before using them in an SQL query, allowing unauthenticated attackers to extract sensitive data from the database via blind time based SQL injection techniques, or in some cases an error/union based technique.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.091

EPSS Ranking 92.3%

CVSS Severity

CVSS v3 Score 7.5

References

https://wpscan.com/vulnerability/7f4f505b-2667-4e0f-9841-9c1cd0831932
https://wpscan.com/vulnerability/7f4f505b-2667-4e0f-9841-9c1cd0831932

Products affected by CVE-2023-5203

Swit » Wp Sessions Time Monitoring Full Automatic » Version: Any

cpe:2.3:a:swit:wp_sessions_time_monitoring_full_automatic:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-5203

Products

Pricing

Contact Us