CVE-2024-4845 | Icegram Express Plugin up to 5.7.22 on WordPress options[list_id] sql injection

Inserito da Angelo Barbosa | Giu 12, 2024 | CVE

A vulnerability, which was classified as critical, was found in Icegram Express Plugin up to 5.7.22 on WordPress. Affected is an unknown function. The manipulation of the argument options[list_id] leads to sql injection.

This vulnerability is traded as CVE-2024-4845. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-4845 | Icegram Express Plugin up to 5.7.22 on WordPress options[list_id] sql injection

Post correlati

CVE-2024-42490 | goauthentik API Endpoint improper authorization

CVE-2024-41687 | SyroTech SY-GPON-1110-WDONT 3.1.02-231102 HTTP Session cleartext transmission (CIVN-2024-0225)

CVE-2024-42126 | Linux Kernel up to 6.1.97/6.6.38/6.9.8 nmi_enter/nmi_exit allocation of resources

CVE-2023-45705 | HCL BigFix Platform 10.0/10.0.10/11.0.0/11.0.1 SMTP Configuration Option server-side request forgery (KB0111972)