VYPR
Unrated severityNVD Advisory· Published Feb 17, 2025· Updated Feb 19, 2025

Themes Coder <= 1.3.4 - Unauthenticated SQLi

CVE-2024-13726

Description

The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.