CVE-2023-36529

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Nov 3, 2023

Updated: Nov 14, 2023

CWE ID 89

Summary

CVE-2023-36529 is an SQL Injection vulnerability affecting the Houzez - Real Estate WordPress Theme, version n/a through 1.3.4. An attacker can exploit this issue by neutralizing special elements in an SQL command, leading to unauthorized data access or modification. This vulnerability poses a significant risk, as SQL Injection attacks can allow attackers to bypass authentication and gain control over entire databases. Users are advised to update their theme to the latest version or apply a relevant patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Favethemes Houzez

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r1vDbV
https://www.cve.org/CVERecord?id=CVE-2023-36529
https://nvd.nist.gov/vuln/detail/CVE-2023-36529

Back to Vulnerability Database

CVE-2023-36529

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations