CVE-2023-1207

Summary

This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability.

Affected Software

VendorProductVersion RangeStatus
UnknownHTTP Headers0 < 1.18.8affected

Weaknesses

  • CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References