CVE-2024-30488

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Mar 29, 2024

Updated: Apr 1, 2024

CWE ID 89

Summary

CVE-2024-30488 is a newly disclosed SQL Injection vulnerability in Katie Seaborn Zotpress. Affecting versions from n/a to 7.3.7, this issue arises due to improper neutralization of special elements used in SQL commands. An attacker can exploit this vulnerability to inject malicious SQL queries, potentially leading to unauthorized data access or even complete system compromise. Users are strongly advised to upgrade to a patched version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vFhPlK
https://www.cve.org/CVERecord?id=CVE-2024-30488
https://nvd.nist.gov/vuln/detail/CVE-2024-30488

Back to Vulnerability Database

CVE-2024-30488

CVSS 3.1 Score 8.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations