Lucene search
PatchstackCVE-2023-50843HistoryDec 28, 2023 - 7:15 p.m.
CVE-2023-50843
2023-12-2819:15:15
CWE-89
Patchstack
web.nvd.nist.gov
25
cve-2023-50843
sql injection
clockwork
sms notifications
vulnerability
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
19.3%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Clockwork Clockwork SMS Notfications.This issue affects Clockwork SMS Notfications: from n/a through 3.0.4.
Affected configurations
Node
mediaburstclockwork_sms_notficationsRange≤3.0.4wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mediaburst | clockwork_sms_notfications | * | cpe:2.3:a:mediaburst:clockwork_sms_notfications:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "mediaburst-email-to-sms",
"product": "Clockwork SMS Notfications",
"vendor": "Clockwork",
"versions": [
{
"lessThanOrEqual": "3.0.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
prion
prion
Sql injection
2023-12-28 19:15:00
wpvulndb
wpvulndb
nvd
nvd
CVE-2023-50843
2023-12-28 19:15:15
wordfence
wordfence
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
AI Score
7.5
Confidence
High
EPSS
0.001
Percentile
19.3%
Related for CVE-2023-50843