4 matches found
CVE-2024-38692
creationtimestamp| type| source ---|---|--- 2024-07-22 13:38:46+00:00| seen| https://t.me/cvedetector/1438...
CVE-2024-38692
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.11...
CVE-2024-38692
CVE-2024-38692 (Spiffy Calendar) : A SQL Injection in the Spiffy Calendar plugin (WordPress) exists due to improper neutralization of SQL elements. Affected versions are up to 4.9.11, with the injection exploitable in an authenticated context (Administrator+). The CVE entry is linked to WordPress...
WordPress Spiffy Calendar Plugin <= 4.9.11 is vulnerable to SQL Injection
Software Spiffy Calendar Type Plugin Vulnerable versions = 4.9.11 Fixed in 4.9.12 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-38692 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 21e2115ebd60 Credits Nguyễn Trung Kiên anhchangmutrang Required...