5 matches found
CVE-2024-6027
The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-6027
The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-6027 Themify - WooCommerce Product Filter <= 1.4.9 - Unauthenticated SQL Injection via conditions Parameter
The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
CVE-2024-6027 Themify - WooCommerce Product Filter <= 1.4.9 - Unauthenticated SQL Injection via conditions Parameter
The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
WordPress Themify – WooCommerce Product Filter Plugin <= 1.4.9 is vulnerable to SQL Injection
Software Themify – WooCommerce Product Filter Type Plugin Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-6027 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 0ec8ecf4ef08 Credits Arkadiusz Hydzik Required...