PT-2023-31326 · WordPress · Spoonthemes Couponis
Fearzzzz
+2
·
Publicado
2023-12-19
·
Atualizado
2023-12-22
·
CVE-2023-49750
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Spoonthemes Couponis - Affiliate & Submitting Coupons WordPress Theme versions prior to 2.2
Description
The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential exploitation by injecting malicious SQL code.
Recommendations
For versions prior to 2.2, update to version 2.2 or later to resolve the issue.
As a temporary workaround, consider restricting access to sensitive database queries until a patch is applied.
Avoid using user-input data directly in SQL commands to minimize the risk of exploitation.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Spoonthemes Couponis