CVE-2024-2342 | Appointment Booking Calendar Plugin up to 1.6.7.7 on WordPress Shortcode sql injection

Inserito da Angelo Barbosa | Mar 20, 2024 | CVE

A vulnerability classified as critical was found in Appointment Booking Calendar Plugin up to 1.6.7.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-2342. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-2342 | Appointment Booking Calendar Plugin up to 1.6.7.7 on WordPress Shortcode sql injection

Post correlati

CVE-2024-27808 | Apple tvOS Web Contents memory corruption

CVE-2023-52450 | Linux Kernel up to 6.1/6.6.13/6.7.1 on x86 uncore upi_fill_topology null pointer dereference (3d6f4a78b104/1692cf434ba1/bf1bf09e6b59)

CVE-2024-30347 | Foxit PDF Reader U3D File Parser out-of-bounds

CVE-2024-7306 | SourceCodester Establishment Billing Management System 1.0 /manage_block.php id sql injection