SQL Injection Flaw in ClickWhale Link Management Tool
CVE-2024-51715
8.5HIGH
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 7 January 2025
What is CVE-2024-51715?
An SQL Injection vulnerability has been identified in the ClickWhale Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages. This vulnerability allows for Blind SQL Injection, potentially enabling attackers to gain unauthorized access to sensitive data or manipulate the database underlying the application. The affected versions, from unspecified releases through 2.4.1, require prompt attention to ensure that database queries are properly sanitized, preventing exploitation.
Affected Version(s)
ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages <= 2.4.1