CVE-2023-2601

Name of the Vulnerable Software and Affected Versions wpbrutalai WordPress plugin versions prior to 2.0.0

Description The issue is related to a SQL injection that can be exploited by an admin via CSRF. This occurs because a parameter is not properly sanitized and escaped before being used in a SQL statement.

Recommendations For versions prior to 2.0.0, update to version 2.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's functionality to minimize the risk of exploitation.