CVE-2023-5640

Summary

The Article Analytics WordPress plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection vulnerability.

Affected Software

VendorProductVersion RangeStatus
UnknownArticle analytics0 <= 1.0affected

Weaknesses

  • CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References