Lucene search
PatchstackCVE-2023-32590HistoryDec 20, 2023 - 3:15 p.m.
CVE-2023-32590
2023-12-2015:15:08
CWE-89
Patchstack
web.nvd.nist.gov
8
cve-2023-32590
sql injection
daniel söderström
sidney van de stouwe
subscribe to category
nvd
CVSS3
9.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
EPSS
0.001
Percentile
31.7%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category.This issue affects Subscribe to Category: from n/a through 2.7.4.
Affected configurations
Node
subscribe_to_category_projectsubscribe_to_categoryRange≤2.7.4wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| subscribe_to_category_project | subscribe_to_category | * | cpe:2.3:a:subscribe_to_category_project:subscribe_to_category:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "subscribe-to-category",
"product": "Subscribe to Category",
"vendor": "Daniel Söderström / Sidney van de Stouwe",
"versions": [
{
"lessThanOrEqual": "2.7.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-32590
2023-12-20 15:15:08
cvelist
cvelist
prion
prion
Sql injection
2023-12-20 15:15:00
wordfence
wordfence
CVSS3
9.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
EPSS
0.001
Percentile
31.7%
Related for CVE-2023-32590