Vulnerabilities > Themetechmount

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-08 | CVE-2024-6924 | SQL Injection vulnerability in Themetechmount Truebooker. The TrueBooker WordPress plugin before 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. (network, low complexity, themetechmount, CWE-89) | critical 9.8 |
| 2024-09-08 | CVE-2024-6925 | Cross-Site Request Forgery (CSRF) vulnerability in Themetechmount Truebooker. The TrueBooker WordPress plugin before 1.0.3 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. (network, low complexity, themetechmount, CWE-352) | 4.3 |