CVE-2023-54359 | Adivaha WordPress adivaha Travel Plugin 2.3 GET Parameter /mobile-app/v3/ pid sql injection (Exploit 51655 / EDB-51655)

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability categorized as critical has been discovered in Adivaha WordPress adivaha Travel Plugin 2.3. This vulnerability affects unknown code of the file /mobile-app/v3/ of the component GET Parameter Handler. The manipulation of the argument pid results in sql injection.

This vulnerability is known as CVE-2023-54359. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2023-54359 | Adivaha WordPress adivaha Travel Plugin 2.3 GET Parameter /mobile-app/v3/ pid sql injection (Exploit 51655 / EDB-51655)

Post correlati

CVE-2024-13115 | Projects Portfolio with Client Testimonials Plugin cross site scripting

CVE-2024-45537 | Apache Druid up to 30.0.0 JDBC access control

CVE-2024-23279 | Apple macOS up to 14.3 access control (HT214084)

CVE-2024-38972 | Netbox 4.0.3 /dcim/power-ports/add/ Name cross site scripting