242 matches found
CVE-2024-13483
CVE-2024-13483 affects the WordPress plugin LTL Freight Quotes – SAIA Edition up to version 2.2.10 . The issue is an unauthenticated SQL Injection via the parameters edit_id and dropship_edit_id due to insufficient escaping and inadequate SQL query preparation, enabling attackers to append querie...
CVE-2024-13481 LTL Freight Quotes – R+L Carriers Edition <= 3.3.4 - Unauthenticated SQL Injection
The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 3.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13485 LTL Freight Quotes – ABF Freight Edition <= 3.3.7 - Unauthenticated SQL Injection
The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13485 LTL Freight Quotes – ABF Freight Edition <= 3.3.7 - Unauthenticated SQL Injection
The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13481
CVE-2024-13481 – LTL Freight Quotes – R+L Carriers Edition (WordPress) Affected software: LTL Freight Quotes – R+L Carriers Edition plugin for WordPress, all versions up to and including 3.3.4. Root cause: SQL Injection via the edit_id and dropship_edit_id parameters caused by insufficient escapi...
CVE-2024-13485
CVE-2024-13485 affects the WordPress plugin “LTL Freight Quotes – ABF Freight Edition” up to version 3.3.7. The vulnerability is an unauthenticated SQL injection via the parameters “edit_id” and “dropship_edit_id” caused by insufficient escaping and unsafe query construction, enabling attackers t...
CVE-2024-13478 LTL Freight Quotes – TForce Edition <= 3.6.4 - Unauthenticated SQL Injection
The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
CVE-2024-13478
The CVE covers the WordPress plugin LTL Freight Quotes – TForce Edition. Affected component: the WordPress plugin (ltl-freight-quotes-ups-edition). Root cause: insufficient escaping on the user-supplied parameters dropship_edit_id and edit_id and inadequate preparation of the underlying SQL query...
CVE-2024-13479 LTL Freight Quotes – SEFL Edition <= 3.2.4 - Unauthenticated SQL Injection
The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 3.2.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-13478 LTL Freight Quotes – TForce Edition <= 3.6.4 - Unauthenticated SQL Injection
The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...
CVE-2024-13479 LTL Freight Quotes – SEFL Edition <= 3.2.4 - Unauthenticated SQL Injection
The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropshipeditid' and 'editid' parameters in all versions up to, and including, 3.2.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-13489
The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 4.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13489 LTL Freight Quotes – Old Dominion Edition <= 4.2.10 - Unauthenticated SQL Injection
The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 4.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-13489 LTL Freight Quotes – Old Dominion Edition <= 4.2.10 - Unauthenticated SQL Injection
The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection via the 'editid' and 'dropshipeditid' parameters in all versions up to, and including, 4.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
WordPress LTL Freight Quotes – SEFL Edition plugin <= 3.2.4 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin LTL Freight Quotes – SEFL Edition versions = 3.2.4...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin LTL Freight Quotes SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...