ГлавнаяУязвимости → CVE-2024-0566
7.2высокая

CVE-2024-0566

Описание

The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.

Затрагиваемое ПО
Storeapps Smart manager
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Источники
https://wpscan.com/vulnerability/ca83db95-4a08-4615-aa8d-016022404c32/https://wpscan.com/vulnerability/ca83db95-4a08-4615-aa8d-016022404c32/