{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2023-24410", "ASSIGNER": "audit@patchstack.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin \u2013 Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin \u2013 Fastest Contact Form Builder Plugin for WordPress by Fluent Forms: from n/a through 4.3.25.\n\n" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "cweId": "CWE-89" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Contact Form - WPManageNinja LLC", "product": { "product_data": [ { "product_name": "Contact Form Plugin \u2013 Fastest Contact Form Builder Plugin for WordPress by Fluent Forms", "version": { "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { "versions": [ { "changes": [ { "at": "5.0.0", "status": "unaffected" } ], "lessThanOrEqual": "4.3.25", "status": "affected", "version": "n/a", "versionType": "custom" } ], "defaultStatus": "unaffected" } } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://patchstack.com/database/vulnerability/fluentform/wordpress-fluentform-plugin-4-3-25-sql-injection-vulnerability?_s_id=cve", "refsource": "MISC", "name": "https://patchstack.com/database/vulnerability/fluentform/wordpress-fluentform-plugin-4-3-25-sql-injection-vulnerability?_s_id=cve" } ] }, "generator": { "engine": "Vulnogram 0.1.0-dev" }, "source": { "discovery": "EXTERNAL" }, "solution": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Update to 5.0.0 or a higher version." } ], "value": "Update to\u00a05.0.0 or a higher version." } ], "credits": [ { "lang": "en", "value": "Ravi Dharmawan (Patchstack Alliance)" } ] }