PT-2023-30945 · WordPress · Guardgiant Brute Force Protection

Mika

·

Publicado

2023-12-19

·

Atualizado

2023-12-28

·

CVE-2023-48764

CVSS v3.1

7.6

Alta

VetorAV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
Name of the Vulnerable Software and Affected Versions GuardGiant Brute Force Protection WordPress Brute Force Protection – Stop Brute Force Attacks versions through 2.2.5
Description The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This vulnerability affects the GuardGiant Brute Force Protection WordPress Brute Force Protection – Stop Brute Force Attacks plugin.
Recommendations For versions through 2.2.5, update to a version later than 2.2.5 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database queries until a patch is available.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2023-48764

Produtos afetados

Guardgiant Brute Force Protection