CVE-2023-46084

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 6, 2023
Updated: Nov 14, 2023
CWE ID 89

Summary

CVE-2023-46084 is an SQL Injection vulnerability affecting Icons Font Loader from an unknown version up to 1.1.2 by bPlugins LLC. An attacker can exploit this vulnerability by improperly neutralizing special elements in SQL commands, allowing SQL Injection and potentially gaining unauthorized access to sensitive data. This flaw poses a significant risk to organizations using the Icons Font Loader plugin and highlights the importance of keeping software up-to-date with security patches.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share