cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-5207,https://securityvulnerability.io/vulnerability/CVE-2024-5207,WordPress SMTP Plugin Vulnerable to SQL Injection,"The POST SMTP Plugin for WordPress is susceptible to a time-based SQL Injection vulnerability. This issue arises from insufficient escaping of user-supplied parameters and inadequate query preparation in versions prior to 2.9.3. As a result, authenticated users with administrative permissions may exploit this flaw to insert harmful SQL queries into existing commands, potentially allowing them to extract sensitive information from the database. Proper security measures and updates are critical to safeguard against this vulnerability.",Wordpress,Post Smtp – The WordPress Smtp Plugin With Email Logs And Mobile App For Email Failure Notifications,7.2,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-30T05:33:15.366Z,0