SQL Injection Vulnerability Affects WPExperts Square For GiveWP
CVE-2024-47338
7.6HIGH
What is CVE-2024-47338?
An SQL Injection vulnerability exists in the WPExperts Square for GiveWP plugin, specifically affecting versions up to 1.3. This flaw arises from improper neutralization of special elements used in SQL commands, allowing attackers to execute arbitrary SQL queries. Exploiting this vulnerability could lead to unauthorized data access, data manipulation, or exposure of sensitive information. Website administrators are strongly advised to implement the latest security patches and update to the most secure version of the plugin to mitigate potential risks.
Affected Version(s)
WPExperts Square For GiveWP <= 1.3