CVE-2024-3561 | Custom Field Suite Plugin up to 2.6.7 on WordPress Term Custom Field sql injection

Inserito da Angelo Barbosa | Giu 19, 2024 | CVE

A vulnerability was found in Custom Field Suite Plugin up to 2.6.7 on WordPress. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Term Custom Field Handler. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-3561. The attack can be launched remotely. There is no exploit available.

CVE-2024-3561 | Custom Field Suite Plugin up to 2.6.7 on WordPress Term Custom Field sql injection

Post correlati

CVE-2024-4564 | CoDesigner WooCommerce Builder for Elementor Plugin cross site scripting

CVE-2024-37893 | Firefly III up to 6.1.16 MFA improper authentication (GHSA-4gm4-c4mh-4p7w)

CVE-2024-2926 | Livemesh Elementor Addons Plugin up to 8.3.7 on WordPress Widgets cross site scripting

CVE-2023-6600 | OMGF GDPR Compliant, Faster Google Fonts Plugin up to 5.7.9 on WordPress authorization