Security Advisory

CVE-2023-23492

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-01-20 00:00:00
Last updated 2025-04-03 20:07:48
Assigner tenable
State PUBLISHED

Description

The Login with Phone Number WordPress Plugin, version < 1.4.2, is affected by an authenticated SQL injection vulnerability in the ID parameter of its lwp_forgot_password action.