3 matches found
CVE-2024-13726
The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2024-13726
creationtimestamp| type| source ---|---|--- 2025-02-17 06:15:51+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lie3ufwumy2t 2025-02-17 06:17:44+00:00| seen| https://infosec.exchange/users/cve/statuses/114017767487537657 2025-02-17 08:10:55+00:00| seen|...
CVE-2024-13726 Themes Coder <= 1.3.4 - Unauthenticated SQLi
The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...