Supsystic Slider Vulnerable to SQL Injection
CVE-2024-30237

7.6HIGH

Key Information:

Vendor: WordPress
Status: Slider By Supsystic
Vendor: CVE Published:; 28 March 2024

Summary

This vulnerability presents an SQL Injection risk in the Supsystic Slider plugin, allowing attackers to manipulate SQL queries through improperly neutralized input. The flaw exists in versions of the Slider by Supsystic up to 1.8.10, exposing databases to unauthorized access and potential data compromise. Implementing safe coding practices and regular updates can help mitigate the risks associated with this vulnerability.

Affected Version(s)

Slider by Supsystic <= 1.8.10

References

https://patchstack.com/database/vulnerability/slider-by-s...

vdb-entry

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 28, 2024
Vulnerability Reserved
Mar 26, 2024

Credit

Jean Tirstan T (Patchstack Alliance)