CVE-2023-28660

Summary

The Events Made Easy WordPress Plugin, version <= 2.3.14 is affected by an authenticated SQL injection vulnerability in the 'search_name' parameter in the eme_recurrences_list action.

Affected Software

VendorProductVersion RangeStatus
n/aEvents Made Easy WordPress Plugin<= 2.3.14affected

Weaknesses

  • Authenticated SQL Injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References