CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35678 – WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.2 - SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-35678
05 Jun 2024 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft.This issue affects Contact Form to DB by BestWebSoft: from n/a through 1.7.2. Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ("Inyección SQL") en BestWebSoft Contact Form to DB de BestWebSoft. Este problema afecta el Contact Form to DB de BestWebSoft: desde n/a hasta 1.7.2. The Contact Form to DB by BestWebSoft ... • https://patchstack.com/database/vulnerability/contact-form-to-db/wordpress-contact-form-to-db-by-bestwebsoft-plugin-1-7-2-sql-injection-vulnerability?_s_id=cve • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •