WordPress KiotViet Sync Plugin <= 1.8.3 - SQL Injection vulnerability
21Vexday Risk Score
No sign of exploitation. No public exploitation artifact known so far.
ssvc Trackcvss 8.5epss 0.4%
exploitation probability
0.4%top 70% of all CVEs
observed exploitation
nono source reports it
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kiotviet KiotViet Sync allows SQL Injection. This issue affects KiotViet Sync: from n/a through 1.8.3.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Affected products
Kiotviet · KiotViet Sync