4 matches found
CVE-2024-51579 WordPress 5 Stars Rating Funnel plugin <=1.4.01 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.This issue affects 5 Stars Rating Funnel: from n/a through = 1.4.01...
CVE-2024-51579
CVE-2024-51579 is a SQL Injection vulnerability in the WordPress plugin 5 Stars Rating Funnel (Builds up to 1.4.01). The issue arises from insufficient escaping of user-supplied input and lack of proper query preparation, enabling an authenticated attacker with Contributor+ privileges to potentia...
CVE-2024-51579 WordPress 5 Stars Rating Funnel plugin <=1.4.01 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.This issue affects 5 Stars Rating Funnel: from n/a through = 1.4.01...
WordPress 5 Stars Rating Funnel Plugin <=1.4.01 is vulnerable to SQL Injection
Software 5 Stars Rating Funnel Type Plugin Vulnerable versions =1.4.01 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-51579 Patch priority Low CVSS severity Low 8.5 Developer Tobias PSID a5f214d4be7a Credits Trương Hữu Phúc truonghuuphuc Required privilege...