Vulnerability CVE-2023-2601
Published: 2023-06-27

Description:
The wpbrutalai WordPress plugin before 2.0.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin via CSRF.

Type:

CWE-352

 (Cross-Site Request Forgery (CSRF))

 References:
https://wpscan.com/vulnerability/57769468-3802-4985-bf5e-44ec1d59f5fd
Copyright 2026, cxsecurity.com

 

Back to Top