CVE-2024-54234
CVSS 3.1 Score 9.3 of 10 (high)
Details
Summary
CVE-2024-54234 is a newly disclosed SQL Injection vulnerability affecting the Limit Login Attempts plugin for WordPress. The issue arises from improper handling of special elements in SQL commands, enabling attackers to execute malicious queries and potentially gain unauthorized access to sensitive data. This vulnerability affects versions of the plugin from n/a through 5.5. Successful exploitation could lead to significant security risks, including data theft and unauthorized system modifications. Users are strongly advised to update the plugin to the latest, secure version as soon as possible.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.