Description

The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities.

Classification

CVE ID: CVE-2023-2032

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Unknown

Product: Custom 404 Pro

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.21% (probability of being exploited)

EPSS Percentile: 59.15% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://wpscan.com/vulnerability/17acde5d-44ea-4e77-8670-260d22e28ffe

Timeline