Lucene search
HistoryMar 22, 2023 - 9:15 p.m.
CVE-2023-28662
gift cards
wordpress plugin
sql injection
unauthenticated
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.019
Percentile
88.6%
The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action.
Affected configurations
Node
codemenschengift_vouchersRange≤4.3.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| codemenschen | gift_vouchers | * | cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* |
Related
wpvulndb
wpvulndb
Gift Voucher < 4.3.3 - Subscriber+ SQLi
2023-03-22 00:00:00
wpexploit
wpexploit
Gift Voucher < 4.3.3 - Subscriber+ SQLi
2023-03-22 00:00:00
cve
cve
CVE-2023-28662
2023-03-22 21:15:18
openvas
openvas
WordPress Gift Cards Plugin < 4.3.3 SQLi Vulnerability
2023-10-12 00:00:00
prion
prion
Sql injection
2023-03-22 21:15:00
nuclei
nuclei
Wordpress Gift Cards <= 4.3.1 - SQL Injection
2024-02-04 10:48:42
cvelist
cvelist
CVE-2023-28662
2023-03-22 00:00:00
wordfence
wordfence
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.019
Percentile
88.6%
Related for NVD:CVE-2023-28662