What the vulnerability does
01Description
Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
What the vulnerability does
Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.
Explanation of Vulnerability in Simple Terms
WP Fast Total Search versions up to 1.80.280 contain a SQL injection vulnerability in search functionality. An attacker can craft malicious search queries to extract sensitive data from the site's database without authentication. The vulnerability affects database confidentiality and may impact availability. Update to a version newer than 1.80.280 immediately.
What an attacker can do
Extract sensitive data from the site database via malicious search queries.
Potential impact on your site
Attackers can read database contents including user credentials, posts, and configuration without logging in.
Conditions required to exploit
Network access to the site; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities