Lucene search
K

4 matches found

NVD
NVD
added 2024/02/28 1:15 p.m.21 views

CVE-2024-25902

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2...

7.6CVSS7.9AI score0.00541EPSS
Exploits0References1
CVE
CVE
added 2024/02/28 1:1 p.m.116 views

CVE-2024-25902

CVE-2024-25902 : WordPress plugin miniorange Malware Scanner (v4.7.2 and earlier) is affected by an SQL Injection due to improper neutralization of inputs. The vulnerability is exploitable with administrator privileges (Wordfence notes “Authenticated (Administrator+) SQL Injection”) and is linked...

7.6CVSS8.2AI score0.00541EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/28 1:1 p.m.27 views

CVE-2024-25902 WordPress Malware Scanner Plugin <= 4.7.2 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2...

7.6CVSS8.1AI score0.00541EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/02/12 12:0 a.m.9 views

WordPress Malware Scanner Plugin <= 4.7.2 is vulnerable to SQL Injection

Software Malware Scanner Type Plugin Vulnerable versions = 4.7.2 Fixed in 4.7.3 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-25902 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 46c75a59070d Credits Le Ngoc Anh Required privilege Administrator...

7.6CVSS6.8AI score0.00541EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder