Unrated severityNVD Advisory· Published Apr 24, 2023· Updated Feb 4, 2025

Random Text <= 0.3.0 - Subscriber+ SQLi

CVE-2023-0388

Description

The Random Text WordPress plugin through 0.3.0 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by any authenticated users, such as subscribers.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/Random Textdescription
WordPress/Random Textllm-create
Range: <=0.3.0

Patches

Vulnerability mechanics

References

wpscan.com/vulnerability/77861a2e-879a-4bd0-b4c0-cd19481ace5dmitreexploitvdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000