Security Advisory

CVE-2023-0381

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-27 15:24:32

Last updated 2025-03-18 15:04:17

Assigner WPScan

State PUBLISHED

Description

The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks

← Browse all CVEs View on cve.org ↗