← Back to CVE List
CVE-2023-0381
The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt