VYPR

Houzez CRM

by WordPress

CVEs (1)

  • CVE-2024-5792HigJul 10, 2024
    risk 0.57cvss 8.8epss 0.00

    The Houzez CRM plugin for WordPress is vulnerable to time-based SQL Injection via the notes ‘belong_to’ parameter in all versions up to, and including, 1.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL…