WordPress e2pdf Plugin <= 1.20.23 is vulnerable to SQL Injection
CVE-2023-50849
7.6HIGH
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 28 December 2023
What is CVE-2023-50849?
The E2Pdf – Export To Pdf Tool for WordPress is vulnerable to a SQL Injection flaw due to improper neutralization of special elements in SQL commands. This vulnerability allows malicious users to exploit the tool and execute arbitrary SQL queries, potentially leading to unauthorized access to sensitive data contained within the database. It is crucial for users of E2Pdf to update to the latest version to mitigate this security issue.
Affected Version(s)
E2Pdf – Export To Pdf Tool for WordPress <= 1.20.23