Lucene search
K

5 matches found

NVD
NVD
added 2024/06/13 6:15 a.m.39 views

CVE-2024-3552

The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based...

9.8CVSS0.67288EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/06/13 6:0 a.m.39 views

CVE-2024-3552 Web Directory Free < 1.7.0 - Unauthenticated SQL Injection

The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based...

0.67288EPSS
Exploits4References1
CVE
CVE
added 2024/06/13 6:0 a.m.150 views

CVE-2024-3552

CVE-2024-3552 affects the Web Directory Free WordPress plugin prior to 1.7.0. An unauthenticated AJAX action uses an unsanitised parameter in a SQL statement, enabling SQL injection via UNION, time-based, and error-based techniques, potentially compromising the database. The nuclei template confi...

9.8CVSS9.9AI score0.67288EPSS
Exploits4References1Affected Software1
Circl
Circl
added 2024/05/27 3:40 p.m.5 views

CVE-2024-3552

creationtimestamp| type| source ---|---|--- 2024-05-27 15:40:31+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7435...

9.8CVSS4.8AI score0.67288EPSS
Exploits4References1
Patchstack
Patchstack
added 2024/05/27 12:0 a.m.16 views

WordPress Web Directory Free Plugin < 1.7.0 is vulnerable to SQL Injection

Software Web Directory Free Type Plugin Vulnerable versions 1.7.0 Fixed in 1.7.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3552 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 93c3a72f236f Credits Simone Onofri Kim Cerra Andrea De Dominicis...

9.8CVSS6.7AI score0.67288EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder