CVE-2023-47506

HIGH

Master Slider Pro < 3.6.5 - Authenticated SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Master slider Master Slider Pro allows SQL Injection.This issue affects Master Slider Pro: from n/a through 3.6.5.

Scores

CVSS v3 7.6
EPSS 0.0070
EPSS Percentile 48.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Details

CWE
CWE-89
Status published
Products (2)
Master slider/Master Slider Pro < 3.6.5
masterslider/master_slider < 3.6.5
Published Dec 18, 2023
Tracked Since Feb 18, 2026