Blind SQL Injection Vulnerability in Woocommerce Quote Calculator
CVE-2024-50479

9.8CRITICAL

Key Information:

Vendor: WordPress
Status: WooCommerce Quote Calculator
Vendor: CVE Published:; 28 October 2024

What is CVE-2024-50479?

A vulnerability related to improper neutralization of special elements in SQL commands has been identified in the WooCommerce Quote Calculator plugin developed by Mansur Ahamed. This vulnerability can lead to a Blind SQL Injection, allowing attackers to manipulate database queries through the application's input fields. As a result, unauthorized access to sensitive data may occur, posing significant risks to users utilizing this plugin version 1.1 and earlier. It is imperative for users to review and apply the necessary security patches to safeguard their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Woocommerce Quote Calculator <= 1.1

References

https://patchstack.com/database/vulnerability/woo-quote-c...

vdb-entry

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 28, 2024
Vulnerability Reserved
Oct 24, 2024

Credit

LVT-tholv2k (Patchstack Alliance)

JSON

WordPress

What is CVE-2024-50479?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.