CVE-2024-6265 | UsersWP Plugin up to 1.2.10 on WordPress uwp_sort_by sql injection

Posted by Angelo Barbosa | Jun 28, 2024 | CVE

A vulnerability was found in UsersWP Plugin up to 1.2.10 on WordPress. It has been classified as critical. This affects the function uwp_sort_by. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-6265. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-6265 | UsersWP Plugin up to 1.2.10 on WordPress uwp_sort_by sql injection

Related Posts

CVE-2021-27312 | Gleez CMS 1.2.0 request.php server-side request forgery (Issue 805)

CVE-2024-6999 | Google Chrome up to 126.0.6478.182 FedCM Privilege Escalation

CVE-2024-6359 | OpenText ArcSight Intelligence up to 6.4.12 privileges management

CVE-2024-7134 | LiquidPoll Plugin up to 3.3.78 on WordPress form_data cross site scripting