CVE-2024-12773

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jan 27, 2025

Summary

CVE-2024-12773 is a vulnerability affecting the Altra Side Menu plugin for WordPress. The issue lies in the plugin's failure to sanitize and escape a user input parameter, which is then used directly in a SQL statement. This creates an opportunity for attackers to execute SQL injection attacks, potentially gaining unauthorized access to admin functions and sensitive data within the WordPress installation. The vulnerability can be exploited by malicious users with the ability to submit specially crafted input, making it essential for users of the Altra Side Menu plugin to upgrade to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1ucwBn
https://www.cve.org/CVERecord?id=CVE-2024-12773
https://nvd.nist.gov/vuln/detail/CVE-2024-12773

Back to Vulnerability Database

CVE-2024-12773

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations