Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-03-05

CVE-2023-0765 - Gallery By Bestwebsoft Plugin

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to an Blind SQL Injection vulnerability. The attacker must have at least the privileges of an Author, and the vendor's Slider plugin (https://wordpress.org/plugins/slider-bws/) must also be installed for this vulnerability to be exploitable.

PLUGIN Gallery By Bestwebsoft

CVE-2023-0765

HIGH CVSS 8.8 2023-04-17

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-02-06

CVE-2023-0764 - Gallery By Bestwebsoft Plugin

The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability. The attacker must have at least the privileges of the Author role.

PLUGIN Gallery By Bestwebsoft

CVE-2023-0764

MEDIUM CVSS 5.4 2023-04-17

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2023-0765 - Gallery By Bestwebsoft Plugin

CVE-2023-0764 - Gallery By Bestwebsoft Plugin

Company Links

Contact Us