SQL Injection Vulnerability in SSL Wireless SMS Notification by SSL Wireless
CVE-2024-56284
9.3CRITICAL
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 7 January 2025
What is CVE-2024-56284?
A vulnerability has been identified in the SSL Wireless SMS Notification plugin that allows for improper neutralization of special elements in SQL commands, leading to SQL Injection attacks. This issue poses a risk to any system using versions from n/a to 3.5.0, enabling attackers to potentially manipulate database queries, gain unauthorized access, and extract sensitive information. Users of the SSL Wireless SMS Notification should update to the latest version to mitigate this risk.
Affected Version(s)
SSL Wireless SMS Notification <= 3.5.0