cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-23488,https://securityvulnerability.io/vulnerability/CVE-2023-23488,Unauthenticated SQL Injection in Paid Memberships Pro Plugin for WordPress,"The Paid Memberships Pro plugin for WordPress, specifically versions earlier than 2.9.8, contains an unauthenticated SQL injection vulnerability. This flaw is located in the 'code' parameter of the '/pmpro/v1/order' REST route, allowing attackers to execute arbitrary SQL queries through crafted requests. Exploiting this vulnerability could lead to unauthorized access to sensitive data, posing significant risks to the integrity and confidentiality of the website's database.",Wordpress,Paid Memberships Pro WordPress Plugin,9.8,CRITICAL,0.27647000551223755,false,,false,false,true,true,false,false,2023-01-20T00:00:00.000Z,0