SQL Injection Vulnerability in Cost Of Goods

CVE-2024-53783

7.6HIGH

Key Information

Vendor
Anzia
Status
Ni WooCommerce Cost Of Goods
Vendor
CVE Published:
30 November 2024

Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzia Ni WooCommerce Cost Of Goods allows SQL Injection.This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.

Affected Version(s)

Ni WooCommerce Cost Of Goods <= 3.2.8

References

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

Hakiduck (Patchstack Alliance)
.