5 matches found
CVE-2024-43145
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61...
CVE-2024-43145
CVE-2024-43145 is a SQL Injection in the WordPress plugin GeoDirectory by AyeCode Ltd. It affects GeoDirectory versions up to 2.3.61 (authenticated, Subscriber+ context in disclosures). The root cause is improper neutralization of special elements in SQL queries, allowing an attacker with subscri...
CVE-2024-43145 WordPress GeoDirectory plugin <= 2.3.61 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61...
CVE-2024-43145 WordPress GeoDirectory plugin <= 2.3.61 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AyeCode Ltd GeoDirectory.This issue affects GeoDirectory: from n/a through 2.3.61...
WordPress GeoDirectory Plugin <= 2.3.61 is vulnerable to SQL Injection
Software GeoDirectory Type Plugin Vulnerable versions = 2.3.61 Fixed in 2.3.62 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-43145 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 15d790cb62ca Credits Trương Hữu Phúc truonghuuphuc Required privilege...