5 matches found
CVE-2024-33546
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10...
CVE-2024-33546 WordPress WZone plugin <= 14.0.10 - Arbitrary SQL Update Execution vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10...
CVE-2024-33546 WordPress WZone plugin <= 14.0.10 - Arbitrary SQL Update Execution vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10...
CVE-2024-33546
CVE-2024-33546 is an unauthenticated SQL Injection in the WooCommerce Amazon Affiliates/WooZone plugin for WordPress, affecting WZone up to version 14.0.10. The CVSS v3.1 base vector indicates network access (AV:N) with low attack complexity (AC:L) and requires low privileges (PR:L) with no user ...
WordPress WZone Plugin <= 14.0.33 is vulnerable to SQL Injection
Software WZone Type Plugin Vulnerable versions = 14.0.33 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-33546 Patch priority High CVSS severity High 9.6 Developer Claim ownership PSID 44537a1aade6 Credits Rafie Muhammad Patchstack Required privilege Subscriber...