CVE-2024-1514
CVE-2024-1514 affects the WP eCommerce plugin for WordPress. It allows time-based blind SQL injection via the cart_contents parameter in all versions up to 3.15.1 due to insufficient escaping and lack of prepared statements, enabling unauthenticated attackers to append SQL to existing queries to ...