CVE-2023-1730 - CERT CVE
ID CVE-2023-1730
Sažetak The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks
Reference
CVSS
Base: 9.8
Impact: 5.9
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 30-01-2025 - 15:15
Objavljeno 02-05-2023 - 08:15