Woozone

CVEs (4)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2024-33546	WordPress Woozone	Cri	0.62	9.6	Apr 29, 2024	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33544	WordPress Woozone	Cri	0.60	9.3	Apr 29, 2024	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33549	WordPress Woozone	Hig	0.57	8.8	May 17, 2024	Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33548	WordPress Woozone	Hig	0.46	7.1	Apr 29, 2024	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10.

CVE-2024-33546CriApr 29, 2024
WordPress
Woozone
risk 0.62cvss 9.6epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33544CriApr 29, 2024
WordPress
Woozone
risk 0.60cvss 9.3epss 0.00
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33549HigMay 17, 2024
WordPress
Woozone
risk 0.57cvss 8.8epss 0.00
Improper Privilege Management vulnerability in AA-Team WZone allows Privilege Escalation.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33548HigApr 29, 2024
WordPress
Woozone
risk 0.46cvss 7.1epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10.