CVE-2024-13473

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Feb 12, 2025
Updated: Feb 18, 2025
CWE ID 89

Summary

CVE-2024-13473 is a SQL injection vulnerability (CWE-89) in the LTL Freight Quotes – Worldwide Express Edition plugin for WordPress. The 'dropship_edit_id' and 'edit_id' parameters are insufficiently escaped and are used in SQL queries that are not prepared, so unauthenticated attackers can append additional SQL queries to existing ones and extract sensitive information from the database. This poses a significant risk to websites using the plugin, making it essential to apply the necessary patches or updates as soon as possible.

Affected Products

  • Ltl Freight Quotes Plugin

Affected Vendors

  • WordPress