Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author allows SQL Injection.This issue affects WP Post Author: from n/a through 3.8.2.
History

Fri, 07 Feb 2025 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Afthemes
Afthemes wp Post Author
CPEs cpe:2.3:a:afthemes:wp_post_author:*:*:*:*:*:wordpress:*:*
Vendors & Products Afthemes
Afthemes wp Post Author

Thu, 02 Jan 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 02 Jan 2025 12:15:00 +0000

Type Values Removed Values Added
Title WordPress WP Post Author plugin <= 3.8.2 - SQL Injection vulnerability

Thu, 02 Jan 2025 12:45:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author allows SQL Injection.This issue affects WP Post Author: from n/a through 3.8.2.
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2025-01-02T12:01:21.366Z

Updated: 2025-01-02T18:40:43.410Z

Reserved: 2024-12-18T19:04:18.507Z

Link: CVE-2024-56247

cve-icon Vulnrichment

Updated: 2025-01-02T18:40:39.796Z

cve-icon NVD

Status : Analyzed

Published: 2025-01-02T12:15:26.293

Modified: 2025-02-07T15:44:18.300

Link: CVE-2024-56247

cve-icon Redhat

No data.