CVE-2024-5975

{"id": "CVE-2024-5975", "cveTags": [], "metrics": {}, "published": "2024-07-30T06:15:03.277", "references": [{"url": "https://wpscan.com/vulnerability/68f81943-b007-49c8-be9c-d0405b2ba4cf/", "source": "contact@wpscan.com"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection"}, {"lang": "es", "value": " El complemento de WordPress CZ Loan Management hasta la versi\u00f3n 1.1 no sanitiza ni escapa adecuadamente un par\u00e1metro antes de usarlo en una declaraci\u00f3n SQL a trav\u00e9s de una acci\u00f3n AJAX disponible para usuarios no autenticados, lo que lleva a una inyecci\u00f3n de SQL."}], "lastModified": "2024-07-30T13:32:45.943", "sourceIdentifier": "contact@wpscan.com"}