WordPress Most And Least Read Posts Widget Plugin <= 2.5.16 is vulnerable to SQL Injection
CVE-2023-52133
8.5HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 31 December 2023
What is CVE-2023-52133?
An SQL Injection vulnerability exists in WhileTrue's Most And Least Read Posts Widget that allows an attacker to manipulate SQL queries by injecting malicious input. This weakness could lead to unauthorized access to sensitive data, making it crucial for users to update the plugin to versions beyond 2.5.16 to mitigate potential risks.
Affected Version(s)
Most And Least Read Posts Widget <= 2.5.16