CVE-2023-45069

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 6, 2023
Updated: Nov 10, 2023
CWE ID 89

Summary

CVE-2023-45069 is a new SQL Injection vulnerability that affects the Video Gallery plugin for WordPress, specifically versions from n/a to 2.1.3. Attackers can exploit this issue by injecting malicious SQL commands into the plugin, which if successful, could grant unauthorized access to sensitive data or enable further attacks. This vulnerability arises due to the plugin's failure to properly neutralize special elements in SQL commands, posing a significant risk to websites using this plugin.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share