Security Advisory

CVE-2023-2111

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-30 07:49:22

Last updated 2025-01-10 16:13:26

Assigner WPScan

State PUBLISHED

Description

The Fast & Effective Popups & Lead-Generation for WordPress plugin before 2.1.4 concatenates user input into an SQL query without escaping it first in the plugins report API endpoint, which could allow administrators in multi-site configuration to leak sensitive information from the sites database.

← Browse all CVEs View on cve.org ↗