High severity8.8NVD Advisory· Published Feb 13, 2023· Updated Jun 17, 2026
CVE-2023-0098
CVE-2023-0098
Description
The Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <115
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/db0b3275-40df-404e-aa8d-53558f0122d8nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.