CVE-2023-5428

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 31, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-5428 is a vulnerability affecting the Image vertical reel scroll slideshow plugin for WordPress. It allows authenticated attackers with subscriber-level or higher permissions to inject SQL queries into existing ones through insufficient escaping of user-supplied parameters. This vulnerability, present in plugin versions up to 9.0, can be exploited to extract sensitive data from the WordPress database.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s5tPP4
https://www.cve.org/CVERecord?id=CVE-2023-5428
https://nvd.nist.gov/vuln/detail/CVE-2023-5428

Back to Vulnerability Database

CVE-2023-5428

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations