CVE-2023-2032

Summary

The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
UnknownCustom 404 Pro0 < 3.8.1affected

Weaknesses

  • CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References