CVE-2023-1207

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
15/05/2023
Last modified:
24/01/2025

Description

This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:riverside:http_headers:*:*:*:*:*:wordpress:*:* 1.18.8 (excluding)