5 matches found
CZ Loan Management <= 1.1 - SQL Injection
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. id: CVE-2024-5975 info: name: CZ Loan Management = 1.1 - SQL Injection author...
CVE-2024-5975
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2024-5975
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
CVE-2024-5975 CZ Loan Management <= 1.1 - Unauthenticated SQLi
The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
WordPress CZ Loan Management Plugin <= 1.1 is vulnerable to SQL Injection
Software CZ Loan Management Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5975 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID c42111d4bd74 Credits Project Black Required privilege Unauthenticated...