6 matches found
WordPress XStore Theme 9.3.8 SQL Injection
Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Date: 2024-05-16 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent:...
Wordpress Theme XStore 9.3.8 - SQLi
Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Date: 2024-05-16 Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent:...
Wordpress Theme XStore 9.3.8 - SQL injection Vulnerability
Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent: Mozilla/5.0 Windows NT...
CVE-2024-33559 WordPress XStore theme <= 9.3.5 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5...
CVE-2024-33559
CVE-2024-33559 describes an unauthenticated SQL injection in the WordPress XStore Theme. Affected versions are
WordPress XStore Theme <= 9.3.8 is vulnerable to SQL Injection
Software XStore Type Theme Vulnerable versions = 9.3.8 Fixed in 9.3.9 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-33559 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 0996b4472188 Credits Rafie Muhammad Patchstack Required privilege...