CVE-2024-13321 [CRITICAL] :

The AnalyticsWP plugin for WordPress is vulnerable to SQL Injection via the 'custom_sql' parameter in all versions up to, and including, 2.0.0 due to insufficient authorization checks on the handle_get_stats() function. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Image Hunter

osint

Image Hunter is a one-stop-shop for all your imagery and elevation data needs. These short videos will help you make the most of our search engine, from saving imagery searches to submitting your quote. If you have any questions that are not answered here, please send us an email at sales@apollomapping.com.

Visit Website