3 matches found
CVE-2024-38693 WordPress WP User Frontend plugin <= 4.0.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a through 4.0.7...
CVE-2024-38693
CVE-2024-38693 describes an SQL Injection in the WordPress plugin WP User Frontend up to version 4.0.7, arising from improper neutralization of special elements in SQL commands. Public details across sources identify affected software as WP User Frontend with versions ≤ 4.0.7 and indicate a patch...
WordPress WP User Frontend Plugin <= 4.0.7 is vulnerable to SQL Injection
Software WP User Frontend Type Plugin Vulnerable versions = 4.0.7 Fixed in 4.0.8 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-38693 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 008157994643 Credits Trương Hữu Phúc truonghuuphuc Required privilege...