CVE-2024-43966

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1.
Configurations

Configuration 1 (hide)

cpe:2.3:a:starkdigital:wp_testimonial_widget:*:*:*:*:*:wordpress:*:*

History

13 Sep 2024, 16:01

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.6
v2 : unknown
v3 : 7.2
CPE cpe:2.3:a:starkdigital:wp_testimonial_widget:*:*:*:*:*:wordpress:*:*
Summary
  • (es) Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en Stark Digital WP Testimonial Widget. Este problema afecta el widget de testimonios de WP: desde n/a hasta 3.1.
References () https://patchstack.com/database/vulnerability/wp-testimonial-widget/wordpress-wp-testimonial-widget-plugin-3-1-sql-injection-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/wp-testimonial-widget/wordpress-wp-testimonial-widget-plugin-3-1-sql-injection-vulnerability?_s_id=cve - Third Party Advisory
First Time Starkdigital wp Testimonial Widget
Starkdigital

26 Aug 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-26 15:15

Updated : 2024-09-13 16:01


NVD link : CVE-2024-43966

Mitre link : CVE-2024-43966

CVE.ORG link : CVE-2024-43966


JSON object : View

Products Affected

starkdigital

  • wp_testimonial_widget
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')