Lucene search
K

5 matches found

Circl
Circl
added 2024/06/05 10:32 a.m.14 views

CVE-2024-4295

creationtimestamp| type| source ---|---|--- 2024-06-05 10:32:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7530 2024-06-06 17:36:36+00:00| published-proof-of-concept| https://t.me/HackingInsights/1803 2024-08-30 06:52:02+00:00| published-proof-of-concept|...

9.8CVSS4.8AI score0.10161EPSS
Exploits1References15
CVE
CVE
added 2024/06/05 5:33 a.m.127 views

CVE-2024-4295

CVE-2024-4295 affects the WordPress plugin Email Subscribers by Icegram Express . It is an unauthenticated SQL injection via the hash parameter in all versions up to 5.7.20 caused by insufficient escaping and poor SQL query preparation. Exploitation could enable attackers to append additional SQL...

9.8CVSS9.6AI score0.10161EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/05 5:33 a.m.41 views

CVE-2024-4295 Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

9.8CVSS7.5AI score0.10161EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.28 views

WordPress Email Subscribers & Newsletters Plugin <= 5.7.20 is vulnerable to SQL Injection

Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.7.20 Fixed in 5.7.21 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4295 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 50be2b9566fd Credits 1337Wannabe Required privilege...

9.8CVSS6.7AI score0.10161EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2024/05/14 3:44 p.m.15 views

CVE-2024-4579

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-4295. Reason: This candidate is a reservation duplicate of CVE-2024-4295. Notes: All CVE users should reference CVE-2024-4295 instead of this candidate. All references and descriptions in this candidate have been remov...

9.6AI score
Exploits1
Rows per page
Query Builder