7 matches found
EUVD-2024-34168
Malicious code in bioql PyPI...
CVE-2024-11437
The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2024-11437 Timeline Designer <= 1.4 - Authenticated (Admin+) SQL Injection
The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2024-11437 Timeline Designer <= 1.4 - Authenticated (Admin+) SQL Injection
The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2024-11437
CVE-2024-11437 affects Timeline Designer for WordPress. The timeline plugin is vulnerable to SQL Injection via the 's' parameter in all versions up to 1.4 due to insufficient escaping and improper query preparation. This could allow unauthenticated attackers to append additional SQL queries into ...
WordPress plugin Timeline Designer SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
WordPress Timeline Designer plugin <= 1.4 - Authenticated (Admin+) SQL Injection vulnerability
Authenticated Admin+ SQL Injection vulnerability discovered by Colin Xu in WordPress Plugin Timeline Designer versions <= 1.4...