Unrated severityNVD Advisory· Published Jul 9, 2024· Updated Apr 28, 2026
SQL Injection vulnerability in multiple StylemixThemes premium themes
CVE-2024-37090
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: from n/a through 1.3.0.
Affected products
4- Range: <=1.3.0
- Range: <=1.2.2
- StylemixThemes/Consulting Elementor Widgetsv5Range: n/a
- StylemixThemes/Masterstudy Elementor Widgetsv5Range: n/a
Patches
Vulnerability mechanics
References
2- patchstack.com/database/vulnerability/consulting-elementor-widgets/wordpress-consulting-elementor-widgets-plugin-1-3-0-sql-injection-vulnerabilitymitrevdb-entry
- patchstack.com/database/vulnerability/masterstudy-elementor-widgets/wordpress-masterstudy-elementor-widgets-plugin-1-2-2-sql-injection-vulnerabilitymitrevdb-entry
News mentions
0No linked articles in our index yet.