CVE-2024-49681
CRITICALSWIT WP Sessions Time Monitoring Full Automatic <1.0.9 - SQL Injection
Title source: llmDescription
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SWIT WP Sessions Time Monitoring Full Automatic allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through 1.0.9.
Exploits (1)
nomisec
WORKING POC
3 stars
by RandomRobbieBF · poc
https://github.com/RandomRobbieBF/CVE-2024-49681
Scores
CVSS v3
9.3
EPSS
0.4480
EPSS Percentile
97.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Classification
CWE
CWE-89
Status
draft
Timeline
Published
Oct 24, 2024
Tracked Since
Feb 18, 2026