CVE-2024-48043

Name of the Vulnerable Software and Affected Versions ShortPixel Image Optimizer versions n/a through 5.6.3

Description The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, in the ShortPixel Image Optimizer. This vulnerability allows attackers to exploit the improper neutralization of special elements used in an SQL command.

Recommendations For versions n/a through 5.6.3, update to a version newer than 5.6.3 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database queries to minimize the risk of exploitation. Avoid using user-supplied input in SQL commands until the issue is resolved.