5 matches found
CVE-2024-10645
creationtimestamp| type| source ---|---|--- 2024-11-16 08:37:49+00:00| seen| https://infosec.exchange/users/cve/statuses/113491723471559655 2024-11-16 11:03:17+00:00| seen| https://t.me/cvedetector/11228...
CVE-2024-10645 Blogger 301 Redirect <= 2.5.3 - Unauthenticated SQL Injection via br
The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’ parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2024-10645 Blogger 301 Redirect <= 2.5.3 - Unauthenticated SQL Injection via br
The Blogger 301 Redirect plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘br’ parameter in all versions up to, and including, 2.5.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2024-10645
CVE-2024-10645 concerns the Blogger 301 Redirect plugin for WordPress. The vulnerability is a blind time-based SQL injection in the br parameter, exploitable on all versions up to and including 2.5.3 due to insufficient escaping and lack of proper SQL query preparation. The issue allows unauthent...
WordPress Blogger 301 Redirect Plugin <= 2.5.3 is vulnerable to SQL Injection
Software Blogger 301 Redirect Type Plugin Vulnerable versions = 2.5.3 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10645 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 67b11c672527 Credits kr0d Required privilege Unauthenticated...