Unrated severityNVD Advisory· Published May 2, 2023· Updated Jan 30, 2025
SupportCandy < 3.1.5 - Unauthenticated SQLi
CVE-2023-1730
Description
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <3.1.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/44b51a56-ff05-4d50-9327-fc9bab74d4b7mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.