CVE-2024-48020

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Oct 11, 2024

CWE ID 89

Summary

CVE-2024-48020 is an SQL Injection vulnerability found in the Backup and Staging plugin by WP Time Capsule, impacting versions up to 1.22.21. This flaw allows attackers to manipulate SQL commands, posing a high risk to confidentiality and potentially exposing sensitive data without requiring significant privileges or user interaction. The vulnerability is classified with a CVSS base score of 8.5, indicating its severity and ease of exploitation over a network. Organizations using affected products should promptly apply available patches or updates to mitigate the risks associated with this vulnerability. For further details, it is recommended to consult resources such as Patchstack for remediation guidance.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database