3 matches found
CVE-2024-49299
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Surfer Surfer surferseo allows SQL Injection.This issue affects Surfer: from n/a through = 1.5.0.502...
CVE-2024-49299
CVE-2024-49299 affects the WordPress Surfer plugin up to version 1.5.0.502. It is an SQL injection caused by improper neutralization of special elements in an SQL command. Patchstack/CVE details show a fix in Surfer 1.6.0.523; upgrade to 1.6.0.523 or newer. CVSSv3.1 base score 7.6 (HIGH); attack ...
WordPress Surfer Plugin <= 1.5.0.502 is vulnerable to SQL Injection
Software Surfer Type Plugin Vulnerable versions = 1.5.0.502 Fixed in 1.6.0.523 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49299 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID d0e40de8a6d2 Credits Nguyễn Trung Kiên anhchangmutrang Required privile...