Headline
CVE-2023-23824: WordPress WP-TopBar plugin <= 5.36 - SQL Injection - Patchstack
Auth. SQL Injection (SQLi) vulnerability in WP-TopBar <= 5.36 versions.
Solution
Deactivate and delete. This plugin has been closed as of January 18, 2023 and is not available for download. This closure is temporary, pending a full review.
thiennv discovered and reported this SQL Injection vulnerability in WordPress WP TopBar Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has not been known to be fixed yet.
3 other known vulnerabilities for this pluginTo plugin page
Report to Patchstack Alliance bounty platform and earn monthly cash prizes.
Learn more