CVE-2024-43286

HIGH

Squirrly SEO <12.3.19 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.3.19.

Scores

CVSS v3 8.5
EPSS 0.0050
EPSS Percentile 39.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-89
Status published
Products (2)
Squirrly/SEO Plugin by Squirrly SEO < 12.3.19
squirrly/seo_plugin_by_squirrly_seo < 12.3.20
Published Aug 18, 2024
Tracked Since Feb 18, 2026