Vulnerabilities > AN Gradebook Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-17	CVE-2023-2636	SQL Injection vulnerability in AN Gradebook Project AN Gradebook The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber network low complexity an-gradebook-project CWE-89	8.8
2023-07-10	CVE-2023-2709	Unspecified vulnerability in AN Gradebook Project AN Gradebook The AN_GradeBook WordPress plugin through 5.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). network low complexity an-gradebook-project	4.8

Vulnerabilities > AN Gradebook Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"AN Gradebook Project"}]}