WordPress Plugin Vulnerabilities

Simple URLs < 115 - Subscriber+ SQLi

Description

The plugin does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber.

Proof of Concept

Affects Plugins

Plugin icon
simple-urls
Fixed in 115

References

CVE
CVE-2023-0098

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
7.7 (high)

Miscellaneous

Original Researcher
dc11
Submitter
dc11
Verified
Yes
WPVDB ID
db0b3275-40df-404e-aa8d-53558f0122d8

Timeline

Publicly Published
2023-01-17 (about 2 years ago)
Added
2023-01-17 (about 2 years ago)
Last Updated
2023-01-17 (about 2 years ago)

Other

Published
Title
Published
2025-10-21
Title
Email Tracker < 5.3.16 - Authenticated (Admin+) SQL Injection
Published
2024-09-24
Title
REST API TO MiniProgram <= 4.7.7 - Unauthenticated SQL Injection
Published
2025-03-13
Title
WPCOM Member < 1.7.7 - Unauthenticated Time-Based SQL Injection
Published
2025-09-26
Title
LambertGroup - AllInOne - Banner with Thumbnails <= 3.8 - Authenticated (Contributor+) SQL Injection
Published
2024-12-19
Title
Userpro <= 5.1.9 - Authenticated (Contributor+) SQL Injection