Lucene search
GoogleOSV:CVE-2024-5606HistoryJul 02, 2024 - 6:15 a.m.
CVE-2024-5606
2024-07-0206:15:04
Google
osv.dev
cve-2024-5606
wordpress plugin
sql injection
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 is vulnerable does not validate and escape the question_id parameter in the qsm_bulk_delete_question_from_database AJAX action, leading to a SQL injection exploitable by Contributors and above role
Related
cvelist
cvelist
CVE-2024-5606 Quiz And Survey Master < 9.0.2 - Contributor+ SQLi
2024-07-02 06:00:03
wpexploit
wpexploit
Quiz And Survey Master < 9.0.2 - Contributor+ SQLi
2024-06-10 00:00:00
vulnrichment
vulnrichment
CVE-2024-5606 Quiz And Survey Master < 9.0.2 - Contributor+ SQLi
2024-07-02 06:00:03
wpvulndb
wpvulndb
Quiz And Survey Master < 9.0.2 - Contributor+ SQLi
2024-06-10 00:00:00
cve
cve
CVE-2024-5606
2024-07-02 06:15:04
nvd
nvd
CVE-2024-5606
2024-07-02 06:15:04
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
Related for OSV:CVE-2024-5606