PT-2023-30930 · Unknown · The Porto Theme

Rafie Muhammad · Published 2023-12-19 · Updated 2023-12-28 · CVE-2023-48738

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Porto Theme - Functionality versions prior to 2.12.1

Description

The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This could allow an unauthenticated attacker to perform SQL injections, potentially giving them unauthorized access to sensitive data. Approximately 95,000 users are at risk.

Recommendations

For versions prior to 2.12.1, update to version 2.12.1 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and monitoring database activity for suspicious queries until the update can be applied.

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2023-48738

Affected Products

The Porto Theme