CVE-2023-34383
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2023-34383 is a vulnerability affecting weDevs WP Project Manager. This issue permits SQL Injection due to improper neutralization of special elements used in an SQL command. The vulnerability exists in WP Project Manager from its inception through version 2.6.0, posing a significant risk to websites using this plugin. An attacker could exploit this flaw to gain unauthorized access to sensitive data or even take control of the affected database. It is crucial for WordPress users with WP Project Manager installed to update to the latest patch as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Wedevs Wp Project Manager
Affected Vendors
- weDevs