Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WC Vendors WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors.This issue affects WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors: from n/a through 2.4.7.
References
Link | Resource |
---|---|
https://patchstack.com/database/vulnerability/wc-vendors/wordpress-wc-vendors-marketplace-plugin-2-4-7-sql-injection-vulnerability?_s_id=cve | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
29 Dec 2023, 17:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:wcvendors:woocommerce_multi-vendor\,_woocommerce_marketplace\,_product_vendors:*:*:*:*:*:wordpress:*:* | |
References | () https://patchstack.com/database/vulnerability/wc-vendors/wordpress-wc-vendors-marketplace-plugin-2-4-7-sql-injection-vulnerability?_s_id=cve - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
First Time |
Wcvendors
Wcvendors woocommerce Multi-vendor\, Woocommerce Marketplace\, Product Vendors |
20 Dec 2023, 13:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-19 21:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-48327
Mitre link : CVE-2023-48327
CVE.ORG link : CVE-2023-48327
JSON object : View
Products Affected
wcvendors
- woocommerce_multi-vendor\,_woocommerce_marketplace\,_product_vendors
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')