CVE-2023-2229

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Aug 31, 2023

Updated: Nov 7, 2023

CWE ID 601

Summary

CVE-2023-2229 is a vulnerability affecting the Quick Post Duplicator plugin for WordPress. This issue allows authenticated attackers with contributor-level privileges to inject SQL queries through the 'post_id' parameter, due to insufficient escaping and inadequate query preparation. Consequently, sensitive information can be extracted from the database. WordPress users are advised to update the plugin to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

pgAdmin
Fedora Operating System

Affected Vendors

Pgadmin
Fedora Project

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ph0_19
https://www.cve.org/CVERecord?id=CVE-2023-2229
https://nvd.nist.gov/vuln/detail/CVE-2023-2229

Back to Vulnerability Database