CVE-2024-11732 | BP Profile Shortcodes Extra Plugin up to 2.6.0 on WordPress Shortcode tab sql injection

Posted by Angelo Barbosa | Dec 2, 2024 | CVE

A vulnerability was found in BP Profile Shortcodes Extra Plugin up to 2.6.0 on WordPress. It has been declared as critical. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation of the argument tab leads to sql injection.

This vulnerability was named CVE-2024-11732. The attack can be initiated remotely. There is no exploit available.

CVE-2024-11732 | BP Profile Shortcodes Extra Plugin up to 2.6.0 on WordPress Shortcode tab sql injection

Related Posts

CVE-2024-11367 | Smoove Connector for Elementor Forms Plugin up to 4.1.0 on WordPress cross site scripting

CVE-2024-39816 | OpenHarmony up to 4.1.0 Pre-installed Apps out-of-bounds write

CVE-2023-40106 | Google Android 11/12/12L/13/14 NotificationManagerService.java sanitizeSbn Local Privilege Escalation

CVE-2024-7998 | Octopus Server prior 2024.1.12931/2024.2.9313 OIDC Cookie session expiration