MidnightBSD

Advisories for contrive

CVE-2024-5975

The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection

Products Affected

Vendor Product Version
contrive cz_loan_management *