High severity7.2NVD Advisory· Published Feb 27, 2023· Updated Jun 17, 2026
CVE-2023-0278
CVE-2023-0278
Description
The GeoDirectory WordPress plugin before 2.2.24 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.2.24
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/98deb84e-01ca-4b70-a8f8-0a226daa85a6nvdThird Party Advisory
- bulletin.iese.de/post/geodirectory_2-2-21nvdBroken Link
News mentions
0No linked articles in our index yet.