CVE-2024-49303
CVSS 3.1 Score 8.5 of 10 (high)
Details
Published Jan 21, 2025
CWE ID 89
Summary
CVE-2024-49303 is a vulnerability affecting the Hero Mega Menu - Responsive WordPress Menu Plugin. This issue involves improper neutralization of special elements in SQL commands, leading to an SQL Injection vulnerability. An attacker could exploit this flaw to gain unauthorized access to database information or make unintended changes. The vulnerability impacts versions of the plugin from n/a through 1.16.5. Users are advised to upgrade to a patched version as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share