Visualizer < 3.11.2 – Authenticated (Subscriber+) SQL Injection | CVE 2024-35736 | Plugin Vulnerabilities

Description

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the saveQuery function() in all versions up to, and including, 3.11.1 due to a missing capability check on a function that runs SQL Queries. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Affects Plugins

Fixed in 3.11.2

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/c1528125-9d26-40a2-9591-4220c18cef37

Classification

Type

SQLI

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

Trương Hữu Phúc (truonghuuphuc)

Verified

No

WPVDB ID

e4165b06-82ea-4e77-a7e5-ba9ffaa95b0c

Timeline

Publicly Published

2024-06-06 (about 1 year ago)

Added

2024-06-13 (about 1 year ago)

Last Updated

2024-06-13 (about 1 year ago)

Other

Published

Title

Published

2025-03-27

Title

bizcalendar-web < 1.1.0.35 - Authenticated (Administrator+) SQL Injection

Published

2014-12-03

Title

Cart66 Lite < 1.5.2 - Blind SQL Injection

Published

2025-07-01

Title

NGG Smart Image Search < 3.4.3 - Unauthenticated SQL Injection

Published

2021-07-24

Title

Timeline Calendar <= 1.2 - Authenticated (admin+) SQL Injection

Published

2025-03-31

Title

Salesmate Add-On for Gravity Forms < 2.0.4 - Unauthenticated SQL Injection