Lucene search
WPScanCVE-2023-0875HistoryMar 20, 2023 - 4:15 p.m.
CVE-2023-0875
2023-03-2016:15:12
WPScan
web.nvd.nist.gov
29
cve-2023-0875
nvd
wp meta seo
sql injection
wordpress plugin
security vulnerability
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9
Confidence
High
EPSS
0.001
Percentile
31.1%
The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users.
Affected configurations
Node
joomunitedwp_meta_seoRange<4.5.3wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomunited | wp_meta_seo | * | cpe:2.3:a:joomunited:wp_meta_seo:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "WP Meta SEO",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "4.5.3"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
prion
prion
Sql injection
2023-03-20 16:15:00
cvelist
cvelist
CVE-2023-0875 WP Meta SEO < 4.5.3 - Subscriber+ SQLi
2023-03-20 15:52:21
wpexploit
wpexploit
WP Meta SEO < 4.5.3 - Subscriber+ SQLi
2023-02-27 00:00:00
wpvulndb
wpvulndb
WP Meta SEO < 4.5.3 - Subscriber+ SQLi
2023-02-27 00:00:00
nvd
nvd
CVE-2023-0875
2023-03-20 16:15:12
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
9
Confidence
High
EPSS
0.001
Percentile
31.1%
Related for CVE-2023-0875