Refine your search
1 vulnerability found for Redirect 404 Error Page to Homepage or Custom Page with Logs by WPVibes
CVE-2023-47530 (GCVE-0-2023-47530)
Vulnerability from cvelistv5
Published
2023-12-18 22:57
Modified
2025-05-07 20:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPVibes Redirect 404 Error Page to Homepage or Custom Page with Logs allows SQL Injection.This issue affects Redirect 404 Error Page to Homepage or Custom Page with Logs: from n/a through 1.8.7.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| WPVibes | Redirect 404 Error Page to Homepage or Custom Page with Logs |
Version: n/a < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T21:09:37.346Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/redirect-404-error-page-to-homepage-or-custom-page/wordpress-redirect-404-error-page-to-homepage-or-custom-page-with-logs-plugin-1-8-7-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47530",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T20:29:36.483816Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:29:48.150Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "redirect-404-error-page-to-homepage-or-custom-page",
"product": "Redirect 404 Error Page to Homepage or Custom Page with Logs",
"vendor": "WPVibes",
"versions": [
{
"changes": [
{
"at": "1.8.8",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.8.7",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Fariq Fadillah Gusti Insani (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in WPVibes Redirect 404 Error Page to Homepage or Custom Page with Logs allows SQL Injection.\u003cp\u003eThis issue affects Redirect 404 Error Page to Homepage or Custom Page with Logs: from n/a through 1.8.7.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in WPVibes Redirect 404 Error Page to Homepage or Custom Page with Logs allows SQL Injection.This issue affects Redirect 404 Error Page to Homepage or Custom Page with Logs: from n/a through 1.8.7.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-18T22:57:04.362Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/redirect-404-error-page-to-homepage-or-custom-page/wordpress-redirect-404-error-page-to-homepage-or-custom-page-with-logs-plugin-1-8-7-sql-injection-vulnerability?_s_id=cve"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;1.8.8 or a higher version."
}
],
"value": "Update to\u00a01.8.8 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress Redirect 404 Error Page to Homepage or Custom Page with Logs Plugin \u003c= 1.8.7 is vulnerable to SQL Injection",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2023-47530",
"datePublished": "2023-12-18T22:57:04.362Z",
"dateReserved": "2023-11-06T09:31:05.424Z",
"dateUpdated": "2025-05-07T20:29:48.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}