CVE-2024-1799

The GamiPress – The 1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to SQL Injection via the 'achievementtypes' attribute of the gamipressearnings shortcode in all versions up to, and including, 6.8.6 due to insufficient escapin...

PT-2024-18317 · Gamipress · Gamipress

Name of the Vulnerable Software and Affected Versions: GamiPress versions up to, and including, 6.8.6 Description: The issue concerns a SQL Injection vulnerability via the achievement types attribute of the gamipress earnings shortcode. This vulnerability is due to insufficient escaping on the...