CVE-2023-6567 | LearnPress Plugin up to 4.2.5.7 on WordPress order_by sql injection

Inserito da Angelo Barbosa | Gen 3, 2024 | CVE

A vulnerability has been found in LearnPress Plugin up to 4.2.5.7 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument order_by leads to sql injection.

This vulnerability is known as CVE-2023-6567. The attack can only be initiated within the local network. There is no exploit available.

CVE-2023-6567 | LearnPress Plugin up to 4.2.5.7 on WordPress order_by sql injection

Post correlati

CVE-2024-1723 | SiteOrigin Widgets Bundle Plugin up to 1.58.7 on WordPress cross site scripting

CVE-2024-34586 | Samsung Devices up to SMR Feb-2021 Release 1 KnoxCustomManagerService insufficient permissions or privileges

CVE-2024-4522 | Campcodes Complete Web-Based School Management System 1.0 teacher_salary_details.php index cross site scripting

CVE-2024-23621 | IBM Merge Healthcare eFilm Workstation up to 4.2 buffer overflow