Presspage: Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-03
The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users
CVSS Score
9.8
EPSS Score
0.688
Published
2022-06-13