CVE-2024-2804

The Network Summary plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter in all versions up to, and including, 2.0.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-2804 Network Summary <= 2.0.11 - Unauthenticated SQL Injection

The Network Summary plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter in all versions up to, and including, 2.0.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-2804 Network Summary <= 2.0.11 - Unauthenticated SQL Injection

The Network Summary plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter in all versions up to, and including, 2.0.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

WordPress Plugin Network Summary 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. A security vulnerability exists i...

PT-2024-22229 · WordPress · Network Summary Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Network Summary plugin for WordPress versions up to and including 2.0.11 Description: The issue allows for SQL Injection via the category parameter due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation...

WordPress Network Summary Plugin <= 2.0.11 is vulnerable to SQL Injection

Software Network Summary Type Plugin Vulnerable versions = 2.0.11 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-2804 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 3fb16073a3aa Credits Dan Collins Required privilege Unauthenticated...

Network Summary <= 2.0.11 - Unauthenticated SQL Injection

Description The Network Summary plugin for WordPress is vulnerable to SQL Injection via the 'category' parameter in all versions up to, and including, 2.0.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...