CVE-2024-28392

https://notcve.org/view.php?id=CVE-2024-28392

20 Mar 2024 — SQL injection vulnerability in pscartabandonmentpro v.2.0.11 and before allows a remote attacker to escalate privileges via the pscartabandonmentproFrontCAPUnsubscribeJobModuleFrontController::setEmailVisualized() method. • https://addons.prestashop.com/en/remarketing-shopping-cart-abandonment/16535-abandoned-cart-reminder-pro.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •