Lucene search
WpvulndbWPVDB-ID:598FDDE8-2D16-4531-9EC2-A9FF99695AF5HistoryOct 20, 2023 - 12:00 a.m.
Horizontal scrolling announcement <= 9.2 - Authenticated (subscriber+) Blind SQL Injection
2023-10-2000:00:00
wpscan.com
3
plugin
authenticated
subscriber+
blind sql injection
sql statement
low privilege users
Description The plugin did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing low privilege users (subscriber+) to perform Blind SQL Injection attack.
Related
prion
prion
Sql injection
2023-10-20 08:15:00
cve
cve
CVE-2023-4999
2023-10-20 08:15:12
cvelist
cvelist
CVE-2023-4999
2023-10-20 07:29:29
nvd
nvd
CVE-2023-4999
2023-10-20 08:15:12
wordfence
wordfence
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
19.3%
Related for WPVDB-ID:598FDDE8-2D16-4531-9EC2-A9FF99695AF5