CVE-2024-48040

Summary

CVE-2024-48040 is a SQL Injection vulnerability identified in the Tainacan plugin for WordPress, affecting versions up to 0.21.8. This vulnerability can allow attackers to execute arbitrary SQL commands, potentially compromising the confidentiality of sensitive data within affected products. Remediation involves updating the Tainacan plugin to the latest version to mitigate the risk. The exploitability score is rated at 3.1, with a base severity classified as high (CVSS score of 8.5), indicating that exploitation could occur with low privileges and no user interaction required. Organizations using affected versions are advised to prioritize updates due to the significant security risks associated with this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.