all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Imperva Customers are Protected Against New SQL Injection Vulnerability in WordPress Plugin

Add to bookmarks
Feb. 28, 2024, 5 p.m. | Gabi Stapel

Security Boulevard securityboulevard.com

A critical security flaw, identified as CVE-2024-1071, was discovered in the Ultimate Member plugin for WordPress, affecting over 200,000 active installations. This vulnerability has a high severity CVSS score of 9.8 and allows for SQL injection via the ‘sorting’ parameter due to insufficient input sanitization and preparation of SQL queries. Unauthenticated attackers could exploit this […]


The post Imperva Customers are Protected Against New SQL Injection Vulnerability in WordPress Plugin appeared first on Blog.


The post Imperva Customers are …

critical customers cve cvss cvss score flaw high imperva imperva threat research injection input parameter plugin preparation score security security flaw severity sql sql injection ultimate member vulnerability wordpress wordpress plugin

Visit resource

More from securityboulevard.com / Security Boulevard

Palo Alto Networks Extends SASE Reach to Unmanaged Devices an hour ago | securityboulevard.com
alto devices devops devsecops +20
USENIX Security ’23 – Cryptographic Deniability: A Multi-perspective Study of User Perceptions and Expectations an hour ago | securityboulevard.com
access authors channel conference +17
The impact of automating open source dependency management an hour ago | securityboulevard.com
automation business consuming customer +14
Navigating Container Security with AttackIQ’s Optimization Solutions 2 hours ago | securityboulevard.com
attackiq businesses challenge cloud security +19
CEO Discusses MDR Service With a Risk-Based Approach 3 hours ago | securityboulevard.com
aids apps artificial artificial intelligence +29
GitLab ‘Perfect 10’ Bug Gets a CISA Warning: PATCH NOW 3 hours ago | securityboulevard.com
agency analytics & intelligence api security bug +70
Our New “Days of Rage” Protest Activity and Considerations for Corporate Security 3 hours ago | securityboulevard.com
article attack college corporate +23
Understanding the Link Between API Exposure and Vulnerability Risks 5 hours ago | securityboulevard.com
api apis application security architectures +19
USENIX Security ’23 – Defining “Broken”: User Experiences and Remediation Tactics When Ad-Blocking or Tracking-Protection … 5 hours ago | securityboulevard.com
access arthur authors blocking +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604
View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö
View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963
View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000
View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto
View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com
View more jobs