cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forltl-freight-quotes-worldwide-express-edition ltl-freight-quotes-worldwide-express-edition

Direction: ascending
Jan 28, 2025

LTL Freight Quotes – Worldwide Express Edition # CVE-2025-24664

CVE, Research URL

CVE-2025-24664

Home page URL

Security reports for LTL Freight Quotes – Worldwide Express Edition

Application

LTL Freight Quotes – Worldwide Express Edition

Date
Jan 27, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eniture Technology LTL Freight Quotes – Worldwide Express Edition allows SQL Injection. This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.0.20.
Affected versions
Min -, max -.
Status
vulnerable
Feb 16, 2025

LTL Freight Quotes – Worldwide Express Edition # CVE-2024-13473

CVE, Research URL

CVE-2024-13473

Home page URL

Security reports for LTL Freight Quotes – Worldwide Express Edition

Application

LTL Freight Quotes – Worldwide Express Edition

Date
Feb 12, 2025
Research Description
The LTL Freight Quotes – Worldwide Express Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameter in all versions up to, and including, 5.0.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Affected versions
Min -, max -.
Status
vulnerable
May 06, 2025

LTL Freight Quotes – Worldwide Express Edition # CVE-2025-22291

CVE, Research URL

CVE-2025-22291

Home page URL

Security reports for LTL Freight Quotes – Worldwide Express Edition

Application

LTL Freight Quotes – Worldwide Express Edition

Date
Feb 17, 2025
Research Description
Missing Authorization vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.0.20.
Affected versions
Min -, max -.
Status
vulnerable

LTL Freight Quotes – Worldwide Express Edition # CVE-2025-22286

CVE, Research URL

CVE-2025-22286

Home page URL

Security reports for LTL Freight Quotes – Worldwide Express Edition

Application

LTL Freight Quotes – Worldwide Express Edition

Date
Feb 17, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition allows Reflected XSS. This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through 5.0.21.
Affected versions
Min -, max -.
Status
vulnerable