Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 30/05/2023 Updated: 13/11/2023

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 0

The Elementor Website Builder WordPress plugin prior to 3.12.2 does not properly sanitize and escape the Replace URL parameter in the Tools module before using it in a SQL statement, leading to a SQL injection exploitable by users with the Administrator role.

Vulnerable Product	Search on Vulmon	Subscribe to Product
elementor website builder

Elementor Website Builder versions prior to 3122 suffer from a remote SQL injection vulnerability ...

https://wpscan.com/vulnerability/a875836d-77f4-4306-b275-2b60efff1493 http://packetstormsecurity.com/files/175639/Elementor-Website-Builder-SQL-Injection.html https://nvd.nist.gov https://packetstormsecurity.com/files/175639/Elementor-Website-Builder-SQL-Injection.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-0329

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect