CVE-2024-6159 in Push Notification for Post and BuddyPress Pluginالمعلومات

الملخص

بحسب MITRE • 16/05/2025

The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

19/06/2024

إفشاء

16/05/2025

الاعتدال

تمت الموافقة

إدخال

VDB-301226

EPSS

0.02491

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Want to stay up to date on a daily basis?

Enable the mail alert feature now!