Blind SQL Injection Vulnerability in Market 360 Viewer
CVE-2024-51619

8.5HIGH

Key Information:

Vendor: WordPress
Status: Market 360 Viewer
Vendor: CVE Published:; 9 November 2024

Summary

The Market 360 Viewer plugin by Market360.Co is susceptible to an SQL Injection vulnerability, allowing attackers to perform blind SQL injection attacks. This could lead to unauthorized access to sensitive data or manipulation of database content. The vulnerability affects all versions from n/a through 1.01, making it crucial for users to patch their systems and secure their applications to prevent potential exploitation.

Affected Version(s)

Market 360 Viewer <= 1.01

References

https://patchstack.com/database/vulnerability/market-360-...

vdb-entry

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Nov 9, 2024
Vulnerability Reserved
Oct 30, 2024

Credit

LVT-tholv2k (Patchstack Alliance)