EUVD-2024-16574

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in Conversios plugin allows SQL Injection, risking data exposure for authenticated users.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-0786	14 Mar 202421:27	–	circl
CNNVD	WordPress Plugin Conversios Security Vulnerability	28 Feb 202400:00	–	cnnvd
CVE	CVE-2024-0786	28 Feb 202408:33	–	cve
Cvelist	CVE-2024-0786 Conversios <= 7.0.7 - Authenticated (Subscriber+) SQL Injection via ee_syncProductCategory	28 Feb 202408:33	–	cvelist
NVD	CVE-2024-0786	28 Feb 202409:15	–	nvd
Patchstack	WordPress Conversios.io Plugin <= 7.0.7 is vulnerable to SQL Injection	28 Feb 202400:00	–	patchstack
Prion	Sql injection	28 Feb 202409:15	–	prion
Positive Technologies	PT-2024-15818 · WordPress · The Conversios – Google Analytics 4 (Ga4)	28 Feb 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-0786	4 Feb 202523:09	–	redhatcve
Vulnrichment	CVE-2024-0786	28 Feb 202408:33	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "ca7d97fc-0c6b-3d18-a8c1-6b05cfff25da",
        "vendor": {
          "name": "tatvic"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "491e378a-e16b-3963-9849-e1283a630c0a",
        "product": {
          "name": "Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce"
        },
        "product_version": "* ≤6.9.1"
      },
      {
        "id": "9a1805fa-4454-3378-ae2d-e69b0416d95d",
        "product": {
          "name": "Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce"
        }
      }
    ]
  }
]

Source	Link
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/c30801d1-9335-4bba-b344-f0ff57cecf84
plugins	www.plugins.trac.wordpress.org/browser/enhanced-e-commerce-for-woocommerce-store/trunk/includes/data/class-tvc-ajax-file.php

03 Oct 2025 20:07Current

9High risk

Vulners AI Score9

CVSS 3.16.5 - 8.8

EPSS0.00395

SSVC

vulnerability sql injection wordpress plugin