CVE-2023-0381EPSS p66.7%
CVE-2023-0381CVE-2023-0381
tri / gigpress
Description
The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks
Scoring
| CVSS | 8.8 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| EPSS | 1.30% probability of exploitation · percentile 66.7% · 2026-06-19T12:03:05Z |
| Last modified | 2026-06-17 |