CVE-2024-12404

The CF Internal Link Shortcode plugin for WordPress is vulnerable to SQL Injection via the 'posttitle' parameter in all versions up to, and including, 1.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2024-12404 CF Internal Link Shortcode <= 1.1.0 - Unauthenticated SQL Injection

The CF Internal Link Shortcode plugin for WordPress is vulnerable to SQL Injection via the 'posttitle' parameter in all versions up to, and including, 1.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

CVE-2024-12404

CVE-2024-12404 : CF Internal Link Shortcode for WordPress is vulnerable to an unauthenticated SQL Injection via the post_title parameter in versions up to 1.1.0 due to insufficient escaping and poor query preparation. This could allow an attacker to append additional SQL commands to existing quer...

CVE-2024-12404 CF Internal Link Shortcode <= 1.1.0 - Unauthenticated SQL Injection

The CF Internal Link Shortcode plugin for WordPress is vulnerable to SQL Injection via the 'posttitle' parameter in all versions up to, and including, 1.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...