Lucene search
PatchstackCVE-2023-28748HistoryNov 06, 2023 - 9:15 a.m.
CVE-2023-28748
2023-11-0609:15:07
CWE-89
Patchstack
web.nvd.nist.gov
36
cve-2023-28748
sql injection
biztechc
copy or move comments
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.001
Percentile
33.0%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in biztechc Copy or Move Comments allows SQL Injection.This issue affects Copy or Move Comments: from n/a through 5.0.4.
Affected configurations
Node
appjettycopy_or_move_commentsRange≤5.0.4wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| appjetty | copy_or_move_comments | * | cpe:2.3:a:appjetty:copy_or_move_comments:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "copy-or-move-comments",
"product": "Copy or Move Comments",
"vendor": "biztechc",
"versions": [
{
"lessThanOrEqual": "5.0.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-28748
2023-11-06 09:15:07
wpvulndb
wpvulndb
Copy Or Move Comments <= 5.0.4 - Authenticated (Subscriber+) SQL Injection
2023-11-23 00:00:00
vulnrichment
vulnrichment
cvelist
cvelist
prion
prion
Sql injection
2023-11-06 09:15:00
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.8
Confidence
High
EPSS
0.001
Percentile
33.0%
Related for CVE-2023-28748