Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roninwp Revy.This issue affects Revy: from n/a through 1.18.
History

Fri, 20 Dec 2024 12:45:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Envato Security Team Revy.This issue affects Revy: from n/a through 1.18. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roninwp Revy.This issue affects Revy: from n/a through 1.18.

Mon, 09 Dec 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Roninwp
Roninwp revy
CPEs cpe:2.3:a:roninwp:revy:*:*:*:*:*:*:*:*
Vendors & Products Roninwp
Roninwp revy
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Dec 2024 12:30:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Envato Security Team Revy.This issue affects Revy: from n/a through 1.18.
Title WordPress Revy plugin <= 1.18 - Unauthenticated SQL Injection vulnerability
Weaknesses CWE-89
References
Metrics cvssV3_1

{'score': 9.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-12-09T12:26:07.567Z

Updated: 2024-12-20T12:22:15.921Z

Reserved: 2024-12-02T12:03:12.411Z

Link: CVE-2024-54215

cve-icon Vulnrichment

Updated: 2024-12-09T16:58:38.945Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-12-09T13:15:41.760

Modified: 2024-12-20T13:15:22.060

Link: CVE-2024-54215

cve-icon Redhat

No data.