CVE-2024-6159 in Push Notification for Post and BuddyPress Plugin
الملخص
بحسب MITRE • 16/05/2025
The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
If you want to get best quality of vulnerability data, you may have to visit VulDB.