cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-29096,https://securityvulnerability.io/vulnerability/CVE-2023-29096,WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.0 is vulnerable to SQL Injection,"An SQL Injection vulnerability exists in the BestWebSoft Contact Form to DB plugin for WordPress, specifically in versions up to 1.7.0. This flaw arises from improper neutralization of special elements used in SQL commands, which could allow attackers to manipulate SQL queries executed by the plugin. If exploited, this vulnerability could enable unauthorized access to sensitive database information and compromise the integrity of the application. Website owners using this plugin should prioritize patching or updating their installations to mitigate potential security risks.",Wordpress,Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress,8.5,HIGH,0.0008900000248104334,false,,false,false,false,,false,false,2023-12-20T18:15:00.000Z,0
CVE-2023-36508,https://securityvulnerability.io/vulnerability/CVE-2023-36508,WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.1 is vulnerable to SQL Injection,An SQL Injection vulnerability exists in BestWebSoft's Contact Form to DB plugin for WordPress. This flaw allows attackers to manipulate SQL queries by injecting arbitrary code through specially crafted inputs. The affected versions of the plugin expose sensitive data and could lead to unauthorized access to the database. It is essential for users to update to the latest version or implement mitigations to safeguard their WordPress sites from potential exploitation.,Wordpress,Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress,9.8,CRITICAL,0.0013800000306218863,false,,false,false,false,,false,false,2023-10-31T15:15:00.000Z,0