Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:1 p.m.11 views

CVE-2024-25928

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sitepact.This issue affects Sitepact: from n/a through 1.0.5...

9.8CVSS7.5AI score0.00377EPSS
Exploits0References1
CVE
CVE
added 2024/02/23 11:52 a.m.97 views

CVE-2024-25928

CVE-2024-25928 refers to an SQL injection in Sitepact's Contact Form 7 Extension For Klaviyo for WordPress. Affected versions are up to 1.0.5; the issue is an unauthenticated SQL injection (improper neutralization of input) that allows database interaction. Public records indicate a fix is availa...

9.8CVSS7.4AI score0.00377EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/23 11:52 a.m.22 views

CVE-2024-25928 WordPress Sitepact's Contact Form 7 Extension For Klaviyo Plugin <= 1.0.5 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sitepact.This issue affects Sitepact: from n/a through 1.0.5...

7.1CVSS7.5AI score0.00377EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/02/15 12:0 a.m.18 views

WordPress Sitepact's Contact Form 7 Extension For Klaviyo Plugin <= 1.0.5 is vulnerable to SQL Injection

Software Sitepact's Contact Form 7 Extension For Klaviyo Type Plugin Vulnerable versions = 1.0.5 Fixed in 3.0.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-25928 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b1255b55a5c6 Credits Dimas Maula...

9.8CVSS6.8AI score0.00377EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder