Unrated severityNVD Advisory· Published Apr 15, 2024· Updated Mar 27, 2025
WooCommerce Customers Manager < 29.7 - Subscriber+ SQL Injection
CVE-2024-0399
Description
The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <29.7
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/1550e30c-bf80-48e0-bc51-67d29ebe7272/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.