CVE-2023-5640

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 20, 2023
Updated: Nov 27, 2023
CWE ID 89

Summary

CVE-2023-5640 is a SQL injection vulnerability found in the Article Analytics WordPress plugin. The plugin does not properly sanitize and escape a parameter, allowing unauthenticated users to exploit it via an AJAX action. The vulnerability has a base severity rating of CRITICAL and a base score of 9.8 according to NVD. It poses a high risk to organizations as it can lead to unauthorized access, manipulation, or deletion of data stored in the database. Organizations using the affected plugin should update to the latest version or apply any patches provided by the vendor to remediate this vulnerability.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5640 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options