CVE-2023-0487 Information

Description

The My Sticky Elements WordPress plugin before 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement when deleting messages leading to a SQL injection exploitable by high privilege users such as admin

Reference

https://wpscan.com/vulnerability/0e874a1d-c866-45fa-b456-c8012dca32af