CVE-2024-6265 | UsersWP Plugin up to 1.2.10 on WordPress uwp_sort_by sql injection

Posted by Angelo Barbosa | Jun 28, 2024 | CVE

A vulnerability was found in UsersWP Plugin up to 1.2.10 on WordPress. It has been classified as critical. This affects the function uwp_sort_by. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-6265. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-6265 | UsersWP Plugin up to 1.2.10 on WordPress uwp_sort_by sql injection

Related Posts

CVE-2024-2280 | Better Elementor Addons Plugin up to 1.4.1 on WordPress Widget Links cross site scripting

CVE-2022-46480 | Ultraloq UL3 2nd Gen Smart Lock 02.27.0012 Bluetooth LE user session

CVE-2024-1044 | Customer Reviews for WooCommerce Plugin up to 5.38.12 on WordPress submit_review improper authorization

CVE-2024-7063 | ElementsKit Pro Plugin up to 3.6.6 on WordPress information disclosure