CVE-2024-44004

Name of the Vulnerable Software and Affected Versions WPCargo Track & Trace versions 7.0.0 through 7.0.6

Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows attackers to manipulate the database remotely. The estimated number of potentially affected devices is not specified.

Recommendations For versions 7.0.0 through 7.0.6, update to a version later than 7.0.6 to mitigate the risk of SQL injection attacks. As a temporary workaround, consider restricting access to sensitive database operations until a patch is applied. Avoid using user-supplied input in SQL commands without proper sanitization.