High severity8.8NVD Advisory· Published Dec 11, 2023· Updated Jun 17, 2026
CVE-2023-6035
CVE-2023-6035
Description
The EazyDocs WordPress plugin before 2.3.4 does not properly sanitize and escape "data" parameter before using it in an SQL statement via an AJAX action, which could allow any authenticated users, such as subscribers, to perform SQL Injection attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.3.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/44f5a29a-05f9-40d2-80f2-6fb2bda60d79nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.