High severity7.2NVD Advisory· Published Jun 19, 2023· Updated Jun 17, 2026
CVE-2023-2221
CVE-2023-2221
Description
The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <3.2
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/6666688e-7239-4d40-a348-307cf8f3b657nvdExploitThird Party Advisory
- wpscan.com/vulnerability/6666688e-7239-4d40-a348-307cf8f3b657/nvd
News mentions
0No linked articles in our index yet.