CVE-2024-7717
CVE-2024-7717 – In WP Events Manager for WordPress, there is a time-based SQL Injection in the order parameter affecting all versions up to 2.1.11. Exploitation requires Subscriber+ level authentication and can cause injection of additional SQL to extract sensitive data. According to connected RH...