Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/03/12 12:0 a.m.12 views

WordPress 404 Solution Plugin < 2.35.8 is vulnerable to SQL Injection

Software 404 Solution Type Plugin Vulnerable versions 2.35.8 Fixed in 2.35.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1068 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID a596100a0999 Credits Sumit Patel Required privilege Administrator Publishe...

7.2CVSS7.2AI score0.00756EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2024/03/11 5:56 p.m.91 views

CVE-2024-1068

CVE-2024-1068 affects the WordPress plugin 404 Solution prior to version 2.35.8 . The issue is an improper sanitisation/escaping of a parameter used in a SQL statement, enabling a SQL injection . The exploit is described as usable by high-privilege users (e.g., admins) and is supported by multipl...

7.2CVSS7.1AI score0.00756EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/11 5:56 p.m.20 views

CVE-2024-1068 404 Solution < 2.35.8 - Admin+ SQL Injection

The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...

7.3AI score0.00756EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/03/11 5:56 p.m.20 views

CVE-2024-1068 404 Solution < 2.35.8 - Admin+ SQL Injection

The 404 Solution WordPress plugin before 2.35.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admins...

7.2AI score0.00756EPSS
Exploits2References1
Rows per page
Query Builder