CVE-2023-48742

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Nov 30, 2023

Updated: Dec 5, 2023

CWE ID 89

Summary

CVE-2023-48742 is a vulnerability affecting License Manager for WooCommerce, specifically versions from n/a to 2.2.10. An SQL Injection issue is present, where special elements in SQL commands are not properly neutralized. This weakness allows unauthorized users to inject malicious SQL statements, potentially leading to unauthorized access or data manipulation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

WP Experts

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/td-s1O
https://www.cve.org/CVERecord?id=CVE-2023-48742
https://nvd.nist.gov/vuln/detail/CVE-2023-48742

Back to Vulnerability Database

CVE-2023-48742

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations