CVE-2024-36082

Summary

SQL injection vulnerability in Music Store - WordPress eCommerce versions prior to 1.1.14 allows a remote authenticated attacker with an administrative privilege to execute arbitrary SQL commands. Information stored in the database may be obtained or altered by the attacker.

Affected Software

VendorProductVersion RangeStatus
CodePeopleMusic Store - WordPress eCommerceprior to 1.1.14affected

Weaknesses

  • SQL Injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References