3 matches found
CVE-2024-1203
The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'valueData' parameter in all versions up to, and including, 7.0.7 due to insufficient escaping on the user supplied parameter and lack of...
WordPress Conversios.io Plugin <= 7.0.7 is vulnerable to SQL Injection
Software Conversios.io Type Plugin Vulnerable versions = 7.0.7 Fixed in 7.0.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1203 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 047c3aed63ee Credits Krzysztof Zając Required privilege Subscriber...
CVE-2024-1203
CVE-2024-1203 involves the Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce WordPress plugin. The root cause is insufficient escaping and improper preparation of SQL queries in the valueData parameter, enabling authenticated attackers with subscriber...