CVE-2024-13608

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Feb 17, 2025

Updated: Feb 19, 2025

Summary

CVE-2024-13608 is a vulnerability affecting the Track Logins WordPress plugin before version 1.0. The issue arises due to the plugin's failure to sanitize and escape a user input parameter, which can be exploited to execute SQL injection attacks. This vulnerability could potentially grant attackers administrative access to the WordPress site, compromising its security and integrity. It is crucial for users to update their Track Logins plugin to the latest version or disable it to prevent potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2rIJbD
https://www.cve.org/CVERecord?id=CVE-2024-13608
https://nvd.nist.gov/vuln/detail/CVE-2024-13608

Back to Vulnerability Database

CVE-2024-13608

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations