cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-1793,https://securityvulnerability.io/vulnerability/CVE-2024-1793,"AWeber Plugin Vulnerable to SQL Injection, Puts Sensitive Data at Risk","The AWeber – Free Sign Up Form and Landing Page Builder Plugin for WordPress is susceptible to a SQL Injection vulnerability through the 'post_id' parameter. This issue arises from inadequate escaping of user-supplied parameters and insufficient preparation in the SQL query. Authenticated attackers with administrator-level access can exploit this weakness to inject additional SQL commands into existing queries, potentially accessing and extracting sensitive information from the database, thereby compromising the security of users' data and the integrity of the application.",Wordpress,Aweber – Free Sign Up Form And Landing Page Builder Plugin For Lead Generation And Email Newsletter Growth,7.2,HIGH,0.0004400000034365803,false,,false,false,false,,false,false,2024-03-13T15:27:24.266Z,0