Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roundup WP Registrations for the Events Calendar allows SQL Injection.This issue affects Registrations for the Events Calendar: from n/a through 2.12.2.
History

Fri, 13 Sep 2024 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Roundupwp
Roundupwp registrations For The Events Calendar
CPEs cpe:2.3:a:roundupwp:registrations_for_the_events_calendar:*:*:*:*:*:*:*:*
Vendors & Products Roundupwp
Roundupwp registrations For The Events Calendar

Thu, 29 Aug 2024 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 29 Aug 2024 14:45:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roundup WP Registrations for the Events Calendar allows SQL Injection.This issue affects Registrations for the Events Calendar: from n/a through 2.12.2.
Title WordPress Registrations for the Events Calendar plugin <= 2.12.2 - SQL Injection vulnerability
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 8.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-08-29T14:19:56.207Z

Updated: 2024-08-29T14:49:15.591Z

Reserved: 2024-06-26T21:18:36.160Z

Link: CVE-2024-39638

cve-icon Vulnrichment

Updated: 2024-08-29T14:49:12.471Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-29T15:15:27.093

Modified: 2024-09-13T21:00:44.173

Link: CVE-2024-39638

cve-icon Redhat

No data.