Vulnerability Details CVE-2024-13726
The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
Exploit prediction scoring system (EPSS) score
EPSS Score 0.109
EPSS Ranking 93.1%
CVSS Severity
CVSS v3 Score 8.6
Products affected by CVE-2024-13726
-
cpe:2.3:a:themescoder:themes_coder:*