Unrated severityNVD Advisory· Published Feb 17, 2025· Updated Feb 19, 2025
Themes Coder <= 1.3.4 - Unauthenticated SQLi
CVE-2024-13726
Description
The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/ec226d22-0c09-4e7c-86ec-b64819089b60/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.