SQL Injection Vulnerability in Track Logins Plugin for WordPress
CVE-2024-13608
Key Information:
- Vendor: WordPress
- CVE Published: 17 February 2025
What is CVE-2024-13608?
The Track Logins plugin for WordPress, in versions up to and including 1.0, is vulnerable to SQL injection because a user-supplied parameter is not adequately sanitized or escaped before it is used in SQL statements. This allows attackers, including malicious admins, to craft SQL queries that may compromise the database's integrity, whether by exfiltrating sensitive information or by manipulating the data. Administrators using this plugin should update to a patched version to mitigate the risk.

Affected Version(s)
Track Logins 0 <= 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability Reserved