← Back to CVE List
CVE-2024-9828
The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'load_orders' parameter and uses it in a SQL statement, allowing high privilege users such as admin to perform SQL Injection attacks
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt