Lucene search
K

10 matches found

Nuclei
Nuclei
added yesterday19 views

Opti Marketing <= 2.0.9 - SQL Injection

The Opti Marketing plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to appe...

9.8CVSS6.1AI score0.03292EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/11/20 12:0 a.m.7 views

Opti Marketing Plugin for WordPress <= 2.0.9 SQL Injection

The WordPress Opti Marketing Plugin installed on the remote host is affected by an unauthenticated SQL injection vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

9.8CVSS8.6AI score0.03292EPSS
Exploits1References3
OSV
OSV
added 2024/09/08 6:15 a.m.3 views

CVE-2024-6928

The Opti Marketing WordPress plugin through 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS5.9AI score0.03292EPSS
Exploits1References1
NVD
NVD
added 2024/09/08 6:15 a.m.15 views

CVE-2024-6928

The Opti Marketing WordPress plugin through 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

9.8CVSS0.03292EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/09/08 6:0 a.m.11 views

CVE-2024-6928 Opti Marketing <= 2.0.9 - Unauthenticated SQLi

The Opti Marketing WordPress plugin through 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

7.9AI score0.03292EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/08 6:0 a.m.19 views

CVE-2024-6928 Opti Marketing <= 2.0.9 - Unauthenticated SQLi

The Opti Marketing WordPress plugin through 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

0.03292EPSS
Exploits1References1
CVE
CVE
added 2024/09/08 6:0 a.m.66 views

CVE-2024-6928

CVE-2024-6928 concerns unauthenticated SQL injection in the Opti Marketing WordPress plugin (≤ 2.0.9) caused by insufficient escaping on a user-supplied parameter used in a SQL statement via an AJAX action. Public reports (NVD, RH, Wordfence vulnerability entries) describe that unauthenticated at...

9.8CVSS9.9AI score0.03292EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/09/08 12:0 a.m.4 views

WordPress plugin Opti Marketing 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

9.8CVSS7.5AI score0.03292EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/08/15 3:17 a.m.6 views

WordPress Opti Marketing plugin <= 2.0.9 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Project Black in WordPress Plugin Opti Marketing versions = 2.0.9...

9.8CVSS7AI score0.03292EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/08/15 12:0 a.m.14 views

WordPress Opti Marketing Plugin <= 2.0.9 is vulnerable to SQL Injection

Software Opti Marketing Type Plugin Vulnerable versions = 2.0.9 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-6928 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 20bcbe97a70a Credits Project Black Required privilege Unauthenticated...

9.8CVSS6.8AI score0.03292EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder