An Gradebook Project An Gradebook vulnerabilities
2 known vulnerabilities affecting an_gradebook_project/an_gradebook.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-2636P2HIGHCVSS 8.8PoC≤ 5.0.12023-07-17
CVE-2023-2636 [HIGH] CWE-89 CVE-2023-2636: The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter be
The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber
nvd
CVE-2023-2709P4MEDIUMCVSS 4.8≤ 5.0.12023-07-10
CVE-2023-2709 [MEDIUM] CWE-79 CVE-2023-2709: The AN_GradeBook WordPress plugin through 5.0.1 does not sanitise and escape some of its settings, w
The AN_GradeBook WordPress plugin through 5.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
nvd