Lucene search
PatchstackCVELIST:CVE-2023-24410HistoryOct 31, 2023 - 2:25 p.m.
CVE-2023-24410 WordPress FluentForm Plugin <= 4.3.25 is vulnerable to SQL Injection
2023-10-3114:25:56
CWE-89
Patchstack
www.cve.org
cve-2023-24410
wordpress
fluentform plugin
sql injection
Improper Neutralization of Special Elements used in an SQL Command (βSQL Injectionβ) vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin β Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin β Fastest Contact Form Builder Plugin for WordPress by Fluent Forms: from n/a through 4.3.25.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "fluentform",
"product": "Contact Form Plugin β Fastest Contact Form Builder Plugin for WordPress by Fluent Forms",
"vendor": "Contact Form - WPManageNinja LLC",
"versions": [
{
"changes": [
{
"at": "5.0.0",
"status": "unaffected"
}
],
"lessThanOrEqual": "4.3.25",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-24410
2023-10-31 15:15:08
prion
prion
Sql injection
2023-10-31 15:15:00
cve
cve
CVE-2023-24410
2023-10-31 15:15:08
wordfence
wordfence