Lucene search
PatchstackCVELIST:CVE-2024-35678HistoryJun 08, 2024 - 3:57 p.m.
CVE-2024-35678 WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.2 - SQL Injection vulnerability
2024-06-0815:57:32
CWE-89
Patchstack
www.cve.org
1
wordpress
contact form to db
bestwebsoft
sql injection
cve-2024-35678
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in BestWebSoft Contact Form to DB by BestWebSoft.This issue affects Contact Form to DB by BestWebSoft: from n/a through 1.7.2.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "contact-form-to-db",
"product": "Contact Form to DB by BestWebSoft",
"vendor": "BestWebSoft",
"versions": [
{
"changes": [
{
"at": "1.7.3",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.7.2",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-35678
2024-06-08 16:15:09
cve
cve
CVE-2024-35678
2024-06-08 16:15:09
vulnrichment
vulnrichment
wpvulndb
wpvulndb
wordfence
wordfence
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-35678