CVE Daily

CVE-2024-56042

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti...

Critical CVSS 9.3

Overview

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3.

CWE: CWE-89 Published: 2024-12-31T13:15:07.823
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.3 (CRITICAL)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags