CVE-2024-13184

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

CVE-2024-13184 The Ultimate WordPress Toolkit – WP Extended <= 3.0.12 - Unauthenticated SQL Injection via Login Attempts Module

The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to time-based SQL Injection via the Login Attempts module in all versions up to, and including, 3.0.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

CVE-2024-13184

CVE-2024-13184 — The Ultimate WordPress Toolkit – WP Extended (WordPress) SQL Injection Vulnerability: Time-based SQL Injection via the Login Attempts module in WP Extended &lt;= 3.0.12. Root cause: insufficient escaping of user-provided parameter and inadequate preparation of the SQL query, enab...

WordPress The Ultimate WordPress Toolkit – WP Extended plugin <= 3.0.12 - Unauthenticated SQL Injection via Login Attempts Module vulnerability

Unauthenticated SQL Injection via Login Attempts Module vulnerability discovered by WordFence in WordPress Plugin The Ultimate WordPress Toolkit – WP Extended versions = 3.0.12...