SQL Injection Vulnerability in Cost Of Goods
CVE-2024-53783
7.6HIGH
Key Information
- Vendor
- Anzia
- Status
- Ni WooCommerce Cost Of Goods
- Vendor
- CVE Published:
- 30 November 2024
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzia Ni WooCommerce Cost Of Goods allows SQL Injection.This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.
Affected Version(s)
Ni WooCommerce Cost Of Goods <= 3.2.8
CVSS V3.1
Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Hakiduck (Patchstack Alliance)