2 matches found
CVE-2024-7150 Slider by 10Web – Responsive Image Slider <= 1.2.57 - Authenticated (Contributor+) SQL Injection via id Parameter
The Slider by 10Web – Responsive Image Slider plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and including, 1.2.57 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
WordPress Slider by 10Web Plugin <= 1.2.57 is vulnerable to SQL Injection
Software Slider by 10Web Type Plugin Vulnerable versions = 1.2.57 Fixed in 1.2.58 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-7150 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 4ad1a30beb69 Credits Arkadiusz Hydzik Required privilege Contributor...