CVE-2024-6265 | UsersWP Plugin up to 1.2.10 on WordPress uwp_sort_by sql injection

Posted by Angelo Barbosa | Jun 28, 2024 | CVE

A vulnerability was found in UsersWP Plugin up to 1.2.10 on WordPress. It has been classified as critical. This affects the function uwp_sort_by. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-6265. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-6265 | UsersWP Plugin up to 1.2.10 on WordPress uwp_sort_by sql injection

Related Posts

CVE-2023-5505 | BackWPup Plugin up to 4.0.1 on WordPress path traversal

CVE-2024-40605 | Foreground Skin up to 1.42.1 on MediaWiki Sidebar Menu cross site scripting

CVE-2024-30625 | Tenda FH1205 2.0.0.7(775) /goform/addressNat fromAddressNat entrys stack-based overflow

CVE-2024-23476 | SolarWinds Access Rights Manager up to 2023.2.2 path traversal