- Description
- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
- Source
- audit@patchstack.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- audit@patchstack.com
- CWE-89
- Hype score
- Not currently trending
#今日の脆弱性 #EPSS CVE-2024-27956 ValvePress(WordPressのPlugin)のSQLiの脆弱性が上昇傾向にあります、が、epss=0.55374と現状では静観レベル。 https://t.co/5YP6Wsxdm1
@papa_anniekey
16 Feb 2025
397 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
امشب بچه ها یک لایو داریم ساعت ۸ برای exploit اپیزود این هفته که درمورد CVE-2024-27956 بود https://t.co/DZbh3dng8o
@soltanali0
3 Jan 2025
88 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Week 33 | GOTOCVE 🚨 This week we’re diving into CVE-2024-27956 in the WP-Aitomatic WordPress plugin! 🔍 SQL Injection vulnerability that could give attackers admin access. 🔓 Check out the live demo on our Telegram channel! 🔗 https://t.co/DZbh3dng8o #GOTOCVE #CVE202427956
@soltanali0
2 Jan 2025
55 Impressions
1 Retweet
2 Likes
0 Bookmarks
1 Reply
0 Quotes
[1day1line] CVE-2024-27956: SQL Injection Vulnerability in WordPress's Automatic This vulnerability was exploited by WordPress' SQL Injection. The vulnerability occurred by directly executing the value of a variable passed by the user as a SQL query. https://t.co/CKBttp2wEu
@hackyboiz
20 Nov 2024
302 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:valvepress:automatic:*:*:*:*:*:wordpress:*:*",
"vulnerable": true,
"matchCriteriaId": "BCDB3E1F-7944-4923-9C51-1BC930BD8EB9",
"versionEndIncluding": "3.92.0"
}
],
"operator": "OR"
}
]
}
]