CVE-2023-52132 HIGH

CVE-2023-52132: WordPress WP Adminify Plugin <= 3.1.6 is vulnerable to SQL Injection

Vendor Jewel Theme
Product WP Adminify
Weakness CWE-89 · SQLi
Published December 31, 2023
Last update April 28, 2026
View on NVD All CVEs

CVSS base score

7.6/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

What the vulnerability does

01Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jewel Theme WP Adminify.This issue affects WP Adminify: from n/a through 3.1.6.

Key dates

02Disclosure timeline

December 31, 2023 CVE published
April 28, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-1317 WP Import – Ultimate CSV XML Importer for WordPress <= 7.37 - Authenticated (Subscriber+) SQL Injection via File Name CVE-2024-24572 facileManager Authenticated Variable Manipulation leading to SQL Injection CVE-2024-49620 WordPress FERMA.ru.net plugin <= 1.3.3 - SQL Injection vulnerability CVE-2024-2777 Campcodes/PHPGurukul Online Marriage Registration System application-bwdates-reports-details.php sql injection CVE-2021-24835 WCFM - Frontend Manager for WooCommerce < 6.5.12 - Customer/Subscriber+ SQL Injection