CVE-2024-30501SQL Injection in Download Monitor

CWE-89SQL Injection3 documents3 sources
Severity
7.2HIGHNVD
CNA7.6
EPSS
0.6%
top 30.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Wpchill Download Monitor
Timeline
PublishedMar 29

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.9.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

CVEListV5wpchill/download_monitorn/a4.9.4

🔴Vulnerability Details

2
CVEList
WordPress Download Monitor theme <= 4.9.4 - Auth. SQL Injection vulnerability2024-03-29
GHSA
GHSA-mw2p-r2fm-9p6g: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPChill Download Monitor2024-03-29
CVE-2024-30501 — SQL Injection in Download Monitor | cvebase