CVE-2024-6159 in Push Notification for Post and BuddyPress Plugin정보

요약

\~에 의해 MITRE • 2025. 05. 16.

The Push Notification for Post and BuddyPress WordPress plugin before 1.9.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

If you want to get best quality of vulnerability data, you may have to visit VulDB.

출처

Interested in the pricing of exploits?

See the underground prices here!