3 matches found
CVE-2024-6479
The SIP Reviews Shortcode for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'noofreviews' attribute in the woocommercereviews shortcode in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2024-6479 SIP Reviews Shortcode for WooCommerce <= 1.2.3 - Authenticated (Contributor+) SQL Injection
The SIP Reviews Shortcode for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'noofreviews' attribute in the woocommercereviews shortcode in all versions up to, and including, 1.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient...
WordPress SIP Reviews Shortcode for WooCommerce Plugin <= 1.2.3 is vulnerable to SQL Injection
Software SIP Reviews Shortcode for WooCommerce Type Plugin Vulnerable versions = 1.2.3 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-6479 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID dfe9c064baeb Credits WordFence Required privilege...