Unrated severityNVD Advisory· Published Dec 26, 2023· Updated Aug 2, 2024
WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs endpoint
CVE-2023-5645
Description
The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WP Mail Log WordPress plugindescription
- Range: <1.1.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/e392fb53-66e9-4c43-9e4f-f4ea7c561551mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.