Description
MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
Remediation
References
Related Vulnerabilities
WordPress Plugin yolink Search for WordPress Cross-Site Scripting (2.5)
Magento CVE-2019-8107 Vulnerability (CVE-2019-8107)
WordPress Plugin Embedded Video 'lembedded-video.php' Cross-Site Scripting (4.1)
Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4223)
WordPress Plugin ARForms:Wordpress Form Builder Arbitrary File Deletion (3.7.1)