cbcvebase.

Eniture Ltl Freight Quotes vulnerabilities

13 known vulnerabilities affecting eniture/ltl_freight_quotes.

Total CVEs
13
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH10MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2024-13477P3CRITICALCVSS 9.8fixed in 2.5.92025-02-12
CVE-2024-13477 [CRITICAL] CWE-89 CVE-2024-13477: The LTL Freight Quotes – Unishippers Edition plugin for WordPress is vulnerable to SQL Injection via The LTL Freight Quotes – Unishippers Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' parameter in all versions up to, and including, 2.5.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to app
nvd
CVE-2024-13485P3HIGHCVSS 7.5fixed in 3.3.82025-02-19
CVE-2024-13485 [HIGH] CWE-89 CVE-2024-13485: The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via The LTL Freight Quotes – ABF Freight Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthentica
nvd
CVE-2024-13481P3HIGHCVSS 7.5fixed in 3.3.52025-02-19
CVE-2024-13481 [HIGH] CWE-89 CVE-2024-13481: The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection vi The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.3.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthentic
nvd
CVE-2024-13478P3HIGHCVSS 7.5fixed in 3.6.52025-02-19
CVE-2024-13478 [HIGH] CWE-89 CVE-2024-13478: The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via the The LTL Freight Quotes – TForce Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated at
nvd
CVE-2024-13479P3HIGHCVSS 7.5fixed in 3.2.52025-02-19
CVE-2024-13479 [HIGH] CWE-89 CVE-2024-13479: The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the 'd The LTL Freight Quotes – SEFL Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 3.2.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated att
nvd
CVE-2024-13483P3HIGHCVSS 7.5fixed in 2.2.112025-02-19
CVE-2024-13483 [HIGH] CWE-89 CVE-2024-13483: The LTL Freight Quotes – SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the 'e The LTL Freight Quotes – SAIA Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 2.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated at
nvd
CVE-2024-13489P3HIGHCVSS 7.5fixed in 4.2.112025-02-19
CVE-2024-13489 [HIGH] CWE-89 CVE-2024-13489: The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection vi The LTL Freight Quotes – Old Dominion Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 4.2.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenti
nvd
CVE-2024-13473P3HIGHCVSS 7.5fixed in 5.0.212025-02-12
CVE-2024-13473 [HIGH] CWE-89 CVE-2024-13473: The LTL Freight Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injecti The LTL Freight Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameter in all versions up to, and including, 5.0.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauth
nvd
CVE-2024-13480P3HIGHCVSS 7.5fixed in 3.4.22025-02-12
CVE-2024-13480 [HIGH] CWE-89 CVE-2024-13480: The LTL Freight Quotes – For Customers of FedEx Freight plugin for WordPress is vulnerable to SQL In The LTL Freight Quotes – For Customers of FedEx Freight plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 3.4.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for u
nvd
CVE-2024-13490P3HIGHCVSS 7.5fixed in 4.3.82025-02-12
CVE-2024-13490 [HIGH] CWE-89 CVE-2024-13490: The LTL Freight Quotes – XPO Edition plugin for WordPress is vulnerable to SQL Injection via the 'ed The LTL Freight Quotes – XPO Edition plugin for WordPress is vulnerable to SQL Injection via the 'edit_id' and 'dropship_edit_id' parameters in all versions up to, and including, 4.3.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated atta
nvd
CVE-2025-22289P3CRITICALCVSS 9.8fixed in 2.5.92025-02-16
CVE-2025-22289 [CRITICAL] CWE-862 CVE-2025-22289: Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Unishippers Edition lt Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Unishippers Edition ltl-freight-quotes-unishippers-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes – Unishippers Edition: from n/a through <= 2.5.8.
nvd
CVE-2024-13476P3HIGHCVSS 7.5fixed in 2.3.122025-02-20
CVE-2024-13476 [HIGH] CWE-89 CVE-2024-13476: The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via the 'engtz_wd_save_dropship' AJAX endpoint in all versions up to, and including, 2.3.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated
nvd
CVE-2025-22284P4MEDIUMCVSS 6.1fixed in 2.5.92025-02-16
CVE-2025-22284 [MEDIUM] CWE-79 CVE-2025-22284: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes – Unishippers Edition ltl-freight-quotes-unishippers-edition allows Reflected XSS.This issue affects LTL Freight Quotes – Unishippers Edition: from n/a through <= 2.5.8.
nvd
Eniture Ltl Freight Quotes vulnerabilities | cvebase