CVE-2023-48764

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 19, 2023

Updated: Dec 28, 2023

CWE ID 89

Summary

CVE-2023-48764 is an SQL injection vulnerability affecting the GuardGiant Brute Force Protection plugin for WordPress. The flaw, located in the plugin's implementation, permits malicious users to inject malicious SQL commands, potentially leading to unauthorized access to sensitive data or even take control of the affected WordPress site. The vulnerability affects versions 2.2.5 and below of the plugin. WordPress users are urged to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/td-vPG
https://www.cve.org/CVERecord?id=CVE-2023-48764
https://nvd.nist.gov/vuln/detail/CVE-2023-48764

Back to Vulnerability Database

CVE-2023-48764

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations