CVE-2024-53783

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Nov 30, 2024
CWE ID 89

Summary

CVE-2024-53783 is a newly disclosed SQL Injection vulnerability affecting the Ni WooCommerce Cost Of Goods plugin. The flaw, located in the plugin's handling of user input, allows an attacker to inject malicious SQL commands. Successful exploitation could lead to unauthorized access to sensitive data or even database takeover. This issue puts versions of Ni WooCommerce Cost Of Goods from n/a through 3.2.8 at risk. Users are advised to update to a patched version as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share