CVE-2023-38382

CVE-2023-38382: WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to SQL Injection

Vendor Daniel Söderström / Sidney Van De Stouwe
Product Subscribe to Category
Weakness CWE-89 · SQLi
Published November 6, 2023
Last update April 29, 2026

CVSS base score

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4.

Key dates

02Disclosure timeline

November 6, 2023 CVE published
April 29, 2026 Record updated