exploitDog

CVE-2024-38793

Опубликовано: 29 авг. 2024

Источник: nvd

CVSS3: 8.5

CVSS3: 8.8

EPSS Средний

Описание

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.1.

Ссылки

https://patchstack.com/database/vulnerability/best-restaurant-menu-by-pricelisto/wordpress-best-restaurant-menu-by-pricelisto-plugin-1-4-1-sql-injection-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pricelisto:great_restaurant_menu_wp:*:*:*:*:*:wordpress:*:*

Версия до 1.4.2 (исключая)

EPSS

Процентиль: 98%

0.46847

Средний

8.5 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-hwfj-8pr6-34jj

CVSS3: 8.5

github

больше 1 года назад

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restaurant Menu by PriceListo: from n/a through 1.4.1.

EPSS

Процентиль: 98%

0.46847

Средний

8.5 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-89

CWE-89