Lucene search
K

42 matches found

Prion
Prion
added 2024/03/11 6:15 p.m.39 views

Sql injection

The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...

7.2AI score0.00756EPSS
Exploits2References1
CVE
CVE
added 2024/03/11 5:56 p.m.91 views

CVE-2024-1068

CVE-2024-1068 affects the WordPress plugin 404 Solution prior to version 2.35.8 . The issue is an improper sanitisation/escaping of a parameter used in a SQL statement, enabling a SQL injection . The exploit is described as usable by high-privilege users (e.g., admins) and is supported by multipl...

7.2CVSS7.1AI score0.00756EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/11 5:56 p.m.20 views

CVE-2024-1068 404 Solution < 2.35.8 - Admin+ SQL Injection

The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...

7.3AI score0.00756EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/03/11 5:56 p.m.20 views

CVE-2024-1068 404 Solution < 2.35.8 - Admin+ SQL Injection

The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...

7.2AI score0.00756EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/03/11 12:0 a.m.9 views

WordPress Plugin 404 Solution Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

7.2CVSS7.8AI score0.00756EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2024/02/17 12:0 a.m.21 views

404 Solution < 2.35.8 - Admin+ SQL Injection

Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins. PoC 1. navigate to logs "https://example.com/wp-admin/options-general.php?page=abj404solution=abj404logs"...

7.2CVSS7.1AI score0.00756EPSS
Exploits2
OSV
OSV
added 2024/01/05 11:15 a.m.5 views

CVE-2023-52146

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0...

5.3CVSS7.3AI score0.00435EPSS
Exploits0References1
NVD
NVD
added 2024/01/05 11:15 a.m.29 views

CVE-2023-52146

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0...

5.3CVSS5.2AI score0.00435EPSS
Exploits0References1
Prion
Prion
added 2024/01/05 11:15 a.m.29 views

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0...

5CVSS7.1AI score0.00435EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/05 11:5 a.m.51 views

CVE-2023-52146

CVE-2023-52146 : Affects WordPress plugin 404 Solution (up to version 2.33.0). Public details in connected docs indicate a vulnerability titled “Sensitive Information Exposure via Log File” within the 404 Solution plugin, leading to exposure of sensitive data via logs. The vulnerability has been ...

5.3CVSS6.7AI score0.00435EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/05 11:5 a.m.6 views

CVE-2023-52146 WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0...

5.3CVSS5.6AI score0.00435EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/05 11:5 a.m.37 views

CVE-2023-52146 WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.33.0...

5.3CVSS5.6AI score0.00435EPSS
Exploits0References1
NVD
NVD
added 2023/12/28 12:15 p.m.15 views

CVE-2023-50848

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

7.6CVSS0.00541EPSS
Exploits0References1
Prion
Prion
added 2023/12/28 12:15 p.m.21 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

5.8CVSS7.9AI score0.00541EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/12/28 11:38 a.m.52 views

CVE-2023-50848

CVE-2023-50848 affects the 404 Solution WordPress plugin (

7.6CVSS7.8AI score0.00541EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/28 11:38 a.m.17 views

CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

7.6CVSS7.6AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/28 11:38 a.m.26 views

CVE-2023-50848 WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aaron J 404 Solution.This issue affects 404 Solution: from n/a through 2.34.0...

7.6CVSS8.1AI score0.00541EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/28 12:0 a.m.7 views

WordPress Plugin 404 Solution SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin 404 Solution suffers from ...

7.6CVSS7.6AI score0.00541EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/12/28 12:0 a.m.19 views

WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure

Software 404 Solution Type Plugin Vulnerable versions = 2.33.0 Fixed in 2.33.1 OWASP Top 10 A9: Security Logging and Monitoring Failures Classification Sensitive Data Exposure CVE CVE-2023-52146 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8e10ffdc1b34 Credits Joshua Ch...

5.3CVSS6.5AI score0.00435EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/12/21 12:0 a.m.15 views

WordPress 404 Solution Plugin <= 2.34.0 is vulnerable to SQL Injection

Software 404 Solution Type Plugin Vulnerable versions = 2.34.0 Fixed in 2.35.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-50848 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 295d8959acb7 Credits Muhammad Daffa Required privilege Administrator...

7.6CVSS6.8AI score0.00541EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder