CVE-2023-45069
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Nov 6, 2023
Updated: Nov 10, 2023
CWE ID 89
Summary
CVE-2023-45069 is a new SQL Injection vulnerability that affects the Video Gallery plugin for WordPress, specifically versions from n/a to 2.1.3. Attackers can exploit this issue by injecting malicious SQL commands into the plugin, which if successful, could grant unauthorized access to sensitive data or enable further attacks. This vulnerability arises due to the plugin's failure to properly neutralize special elements in SQL commands, posing a significant risk to websites using this plugin.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- TotalSoft