June 24, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
North Korean Threat Actors Deploy Flutter-Based Malware to Target macOS Users – Active IOCs
November 13, 2024
Multiple Microsoft Windows Task Scheduler and NTLM Vulnerabilities Exploit in the Wild
November 13, 2024
North Korean Threat Actors Deploy Flutter-Based Malware to Target macOS Users – Active IOCs
November 13, 2024
Multiple Microsoft Windows Task Scheduler and NTLM Vulnerabilities Exploit in the Wild
November 13, 2024
Severity
High
Analysis Summary
CVE-2024-51820 CVSS:8.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in L Squared Support L Squared Hub WP allows SQL Injection.
CVE-2024-51837 CVSS:8.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SONS Creative Development WP Contest allows SQL Injection.
CVE-2024-51843 CVSS:8.5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Olland.Biz Horsemanager allows Blind SQL Injection.
Impact
- Data Manipulation
Indicators of Compromise
CVE
- CVE-2024-51820
- CVE-2024-51837
- CVE-2024-51843
Affected Vendors
WordPress
Affected Products
- L Squared Support L Squared Hub WP - n/a
- SONS Creative Development WP Contest - n/a
- Olland.biz Horsemanager - n/a
Remediation
Upgrade to the latest version, available from the WordPress Plugin Directory.