5 matches found
CVE-2024-32710
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5...
CVE-2024-32710 WordPress WP-Recall plugin <= 16.26.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5...
CVE-2024-32710 WordPress WP-Recall plugin <= 16.26.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5...
CVE-2024-32710
CVE-2024-32710 describes an unauthenticated SQL Injection in the WP-Recall plugin for WordPress (WP-Recall) up to version 16.26.5, caused by improper neutralization of SQL elements. The description and Red Hat advisory confirm the issue and indicate the affected product/version range is WP-Recall
WordPress WP-Recall Plugin <= 16.26.5 is vulnerable to SQL Injection
Software WP-Recall Type Plugin Vulnerable versions = 16.26.5 Fixed in 16.26.6 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-32710 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID c2c2701e003d Credits LVT-tholv2k Required privilege Contributor Publishe...