CVE-2024-9186 | FunnelKit Recover WooCommerce Cart Abandonment up to 3.2.x on WordPress bwfan-track-id sql injection

Inserito da Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability classified as critical was found in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing and Marketing Automation Plugin up to 3.2.x on WordPress. This vulnerability affects unknown code. The manipulation of the argument bwfan-track-id leads to sql injection.

This vulnerability was named CVE-2024-9186. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-9186 | FunnelKit Recover WooCommerce Cart Abandonment up to 3.2.x on WordPress bwfan-track-id sql injection

Post correlati

CVE-2024-30736 | ROS Kinetic Kame Inter-Process Communication deserialization

CVE-2024-43792 | Halo up to 2.16.x cross site scripting

CVE-2024-33111 | D-Link DIR-845L up to 1.01KRb03 bsc_sms_inbox.php cross site scripting

CVE-2022-42974 | Kostal PIKO 1.5-1 file.bootloader.upload.html innerHTML filename cross site scripting