mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
835 B
835 B
CVE-2023-5640
Description
The Article Analytics WordPress plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection vulnerability.
POC
Reference
- https://devl00p.github.io/posts/Injection-SQL-dans-le-plugin-Wordpress-Article-Analytics/
- https://wpscan.com/vulnerability/9a383ef5-0f1a-4894-8f78-845abcb5062d
Github
No PoCs found on GitHub currently.