Unrated severityNVD Advisory· Published Feb 27, 2023· Updated Mar 10, 2025
My Sticky Elements < 2.0.9 - Admin+ SQLi
CVE-2023-0487
Description
The My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages, leading to a SQL injection exploitable by high privilege users such as admin
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.0.9
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/0e874a1d-c866-45fa-b456-c8012dca32afmitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.