3 matches found
CVE-2024-0709
CVE-2024-0709 affects the WordPress plugin Cryptocurrency Widgets – Price Ticker & Coins List (versions 2.0–2.6.5). The vulnerability is an unauthenticated SQL injection in the coinslist parameter caused by insufficient escaping and lack of proper SQL query preparation, allowing an attacker to ap...
WordPress Cryptocurrency Widgets – Price Ticker & Coins List Plugin <= 2.0 is vulnerable to SQL Injection
Software Cryptocurrency Widgets – Price Ticker & Coins List Type Plugin Vulnerable versions = 2.0 Fixed in 2.6.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-0709 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID eb9b26b5950f Credits vollkorntomate...
CVE-2024-0709
creationtimestamp| type| source ---|---|--- 2024-01-21 15:13:41+00:00| published-proof-of-concept| https://t.me/codeb0ss/1360 2024-02-15 21:32:16+00:00| seen| https://t.me/ctinow/185890...