CVE-2023-36529
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 3, 2023
Updated: Nov 14, 2023
CWE ID 89
Summary
CVE-2023-36529 is an SQL Injection vulnerability affecting the Houzez - Real Estate WordPress Theme, version n/a through 1.3.4. An attacker can exploit this issue by neutralizing special elements in an SQL command, leading to unauthorized data access or modification. This vulnerability poses a significant risk, as SQL Injection attacks can allow attackers to bypass authentication and gain control over entire databases. Users are advised to update their theme to the latest version or apply a relevant patch as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Favethemes Houzez