cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-9186,https://securityvulnerability.io/vulnerability/CVE-2024-9186,FunnelKit WordPress plugin vulnerable to SQL injection attacks,"The FunnelKit plugin for WordPress, specifically the WooCommerce Cart Abandonment, Newsletter, Email Marketing, and Marketing Automation functionality, is impacted by a SQL injection flaw. This vulnerability arises from the plugin's failure to properly sanitize and escape user input from the bwfan-track-id parameter before it is incorporated into SQL statements. As a result, malicious actors can exploit this issue to execute unauthorized SQL commands, potentially gaining unauthorized access to the database and compromising sensitive information.",Wordpress,"Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By Funnelkit",,,0.0005300000193528831,false,,false,false,true,true,false,false,2024-11-14T06:00:11.027Z,0