cvelist/2023/32xxx/CVE-2023-32741.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2023-32741",
        "ASSIGNER": "audit@patchstack.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2.\n\n"
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
                        "cweId": "CWE-89"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "IT Path Solutions PVT LTD",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Contact Form to Any API",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "versions": [
                                                    {
                                                        "changes": [
                                                            {
                                                                "at": "1.1.3",
                                                                "status": "unaffected"
                                                            }
                                                        ],
                                                        "lessThanOrEqual": "1.1.2",
                                                        "status": "affected",
                                                        "version": "n/a",
                                                        "versionType": "custom"
                                                    }
                                                ],
                                                "defaultStatus": "unaffected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerability?_s_id=cve",
                "refsource": "MISC",
                "name": "https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerability?_s_id=cve"
            },
            {
                "url": "http://packetstormsecurity.com/files/175654/WordPress-Contact-Form-To-Any-API-1.1.2-SQL-Injection.html",
                "refsource": "MISC",
                "name": "http://packetstormsecurity.com/files/175654/WordPress-Contact-Form-To-Any-API-1.1.2-SQL-Injection.html"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.1.0-dev"
    },
    "source": {
        "discovery": "EXTERNAL"
    },
    "solution": [
        {
            "lang": "en",
            "supportingMedia": [
                {
                    "base64": false,
                    "type": "text/html",
                    "value": "Update to&nbsp;1.1.3 or a higher version."
                }
            ],
            "value": "Update to\u00a01.1.3 or a higher version."
        }
    ],
    "credits": [
        {
            "lang": "en",
            "value": "Arvandy (Patchstack Alliance)"
        }
    ]
}
"-Synchronized-Data." 2023-05-12 16:00:38 +00:00			`{`
"-Synchronized-Data." 2023-11-04 00:00:34 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2023-05-12 16:00:38 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2023-32741",`
"-Synchronized-Data." 2023-11-04 00:00:34 +00:00			`"ASSIGNER": "audit@patchstack.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2023-05-12 16:00:38 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2023-11-04 00:00:34 +00:00			`"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2.\n\n"`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",`
			`"cweId": "CWE-89"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "IT Path Solutions PVT LTD",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Contact Form to Any API",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"versions": [`
			`{`
			`"changes": [`
			`{`
			`"at": "1.1.3",`
			`"status": "unaffected"`
			`}`
			`],`
			`"lessThanOrEqual": "1.1.2",`
			`"status": "affected",`
			`"version": "n/a",`
			`"versionType": "custom"`
			`}`
			`],`
			`"defaultStatus": "unaffected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerability?_s_id=cve",`
			`"refsource": "MISC",`
			`"name": "https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerability?_s_id=cve"`
"-Synchronized-Data." 2023-11-14 04:00:35 +00:00			`},`
			`{`
			`"url": "http://packetstormsecurity.com/files/175654/WordPress-Contact-Form-To-Any-API-1.1.2-SQL-Injection.html",`
			`"refsource": "MISC",`
			`"name": "http://packetstormsecurity.com/files/175654/WordPress-Contact-Form-To-Any-API-1.1.2-SQL-Injection.html"`
"-Synchronized-Data." 2023-05-12 16:00:38 +00:00			`}`
			`]`
"-Synchronized-Data." 2023-11-04 00:00:34 +00:00			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.1.0-dev"`
			`},`
			`"source": {`
			`"discovery": "EXTERNAL"`
			`},`
			`"solution": [`
			`{`
			`"lang": "en",`
			`"supportingMedia": [`
			`{`
			`"base64": false,`
			`"type": "text/html",`
			`"value": "Update to 1.1.3 or a higher version."`
			`}`
			`],`
			`"value": "Update to\u00a01.1.3 or a higher version."`
			`}`
			`],`
			`"credits": [`
			`{`
			`"lang": "en",`
			`"value": "Arvandy (Patchstack Alliance)"`
			`}`
			`]`
"-Synchronized-Data." 2023-05-12 16:00:38 +00:00			`}`