CVE-2024-53817

CVSS 3.1 Score 7.6 of 10 (high)

Details

Published Dec 6, 2024
CWE ID 89

Summary

CVE-2024-53817 is an SQL injection vulnerability affecting Acowebs Product Labels for Woocommerce. The issue, which allows for blind SQL injection, arises due to improper neutralization of special elements in SQL commands. This weakness, present in versions from n/a to 1.5.8, could be exploited by attackers to manipulate databases, potentially leading to unauthorized access or data theft. Users are strongly advised to update their installation to the latest, secure version as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share