Lucene search
+L

4 matches found

NVD
NVD
added 2024/02/28 1:15 p.m.30 views

CVE-2024-25927

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Joel Starnes postMash – custom post order.This issue affects postMash – custom post order: from n/a through 1.2.0...

9.8CVSS9.7AI score0.00565EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/28 12:47 p.m.14 views

CVE-2024-25927 WordPress postMash – custom post order Plugin <= 1.2.0 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Joel Starnes postMash – custom post order.This issue affects postMash – custom post order: from n/a through 1.2.0...

9.3CVSS7.6AI score0.00565EPSS
Exploits0References1
CVE
CVE
added 2024/02/28 12:47 p.m.107 views

CVE-2024-25927

CVE-2024-25927 refers to a SQL Injection vulnerability in the WordPress plugin postMash – custom post order, affecting versions up to and including 1.2.0. The issue arises from improper neutralization of elements in SQL commands (SQLi). The available connected documents confirm it is exploitable ...

9.8CVSS8.9AI score0.00565EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/02/15 12:0 a.m.11 views

WordPress postMash – custom post order Plugin <= 1.2.0 is vulnerable to SQL Injection

Software postMash – custom post order Type Plugin Vulnerable versions = 1.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-25927 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 5131e79f3c3e Credits Dimas Maulana Required privilege...

9.8CVSS6.8AI score0.00565EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder