CVE-2024-30497 - Vulnerability Details - OpenCVE

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
I13websolution	Wp Responsive Tabs

Configuration 1 [-]

cpe:2.3:a:i13websolution:wp_responsive_tabs:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://patchstack.com/database/vulnerability/responsive-horizontal-vertical-and-accordion-tabs/wordpress-wp-responsive-tabs-horizontal-vertical-and-accordion-tabs-plugin-1-1-17-sql-injection-vulnerability?_s_id=cve

History

Thu, 27 Feb 2025 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		I13websolution I13websolution wp Responsive Tabs
CPEs		cpe:2.3:a:i13websolution:wp_responsive_tabs::::::wordpress::*
Vendors & Products		I13websolution I13websolution wp Responsive Tabs

MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-03-29T13:59:24.530Z

Updated: 2024-08-02T01:38:59.606Z

Reserved: 2024-03-27T11:51:43.425Z

Link: CVE-2024-30497

Vulnrichment

Updated: 2024-07-05T15:20:42.696Z

NVD

Status : Analyzed

Published: 2024-03-29T14:15:12.997

Modified: 2025-02-27T14:53:37.577

Link: CVE-2024-30497

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-30497", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2024-03-27T11:51:43.425Z", "datePublished": "2024-03-29T13:59:24.530Z", "dateUpdated": "2024-08-02T01:38:59.606Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "responsive-horizontal-vertical-and-accordion-tabs", "product": "WP Responsive Tabs horizontal vertical and accordion Tabs", "vendor": "I Thirteen Web Solution", "versions": [{"changes": [{"at": "1.1.18", "status": "unaffected"}], "lessThanOrEqual": "1.1.17", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "LVT-tholv2k (Patchstack Alliance)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.<p>This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17.</p>"}], "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2024-03-29T13:59:24.530Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/vulnerability/responsive-horizontal-vertical-and-accordion-tabs/wordpress-wp-responsive-tabs-horizontal-vertical-and-accordion-tabs-plugin-1-1-17-sql-injection-vulnerability?_s_id=cve"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to 1.1.18 or a higher version."}], "value": "Update to 1.1.18 or a higher version."}], "source": {"discovery": "EXTERNAL"}, "title": "WordPress WP Responsive Tabs horizontal vertical and accordion Tabs plugin <= 1.1.17 - SQL Injection vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-30497", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-29T15:08:02.989945Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:22:21.987Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:38:59.606Z"}, "title": "CVE Program Container", "references": [{"tags": ["vdb-entry", "x_transferred"], "url": "https://patchstack.com/database/vulnerability/responsive-horizontal-vertical-and-accordion-tabs/wordpress-wp-responsive-tabs-horizontal-vertical-and-accordion-tabs-plugin-1-1-17-sql-injection-vulnerability?_s_id=cve"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-30497", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-29T15:08:02.989945Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:42.696Z"}}], "cna": {"title": "WordPress WP Responsive Tabs horizontal vertical and accordion Tabs plugin <= 1.1.17 - SQL Injection vulnerability", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "LVT-tholv2k (Patchstack Alliance)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "I Thirteen Web Solution", "product": "WP Responsive Tabs horizontal vertical and accordion Tabs", "versions": [{"status": "affected", "changes": [{"at": "1.1.18", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "1.1.17"}], "packageName": "responsive-horizontal-vertical-and-accordion-tabs", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to 1.1.18 or a higher version.", "supportingMedia": [{"type": "text/html", "value": "Update to 1.1.18 or a higher version.", "base64": false}]}], "references": [{"url": "https://patchstack.com/database/vulnerability/responsive-horizontal-vertical-and-accordion-tabs/wordpress-wp-responsive-tabs-horizontal-vertical-and-accordion-tabs-plugin-1-1-17-sql-injection-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17.\n\n", "supportingMedia": [{"type": "text/html", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.<p>This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2024-03-29T13:59:24.530Z"}}}, "cveMetadata": {"cveId": "CVE-2024-30497", "state": "PUBLISHED", "dateUpdated": "2024-07-05T17:22:21.987Z", "dateReserved": "2024-03-27T11:51:43.425Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2024-03-29T13:59:24.530Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:i13websolution:wp_responsive_tabs:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "3241F3A8-6ECE-4606-B331-EB95B190ACD8", "versionEndExcluding": "1.1.18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17.\n\n"}, {"lang": "es", "value": "Neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.. Este problema afecta a WP Responsive Tabs horizontal vertical and accordion Tabs: desde n/a hasta 1.1. 17."}], "id": "CVE-2024-30497", "lastModified": "2025-02-27T14:53:37.577", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 4.7, "source": "audit@patchstack.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-29T14:15:12.997", "references": [{"source": "audit@patchstack.com", "tags": ["Third Party Advisory"], "url": "https://patchstack.com/database/vulnerability/responsive-horizontal-vertical-and-accordion-tabs/wordpress-wp-responsive-tabs-horizontal-vertical-and-accordion-tabs-plugin-1-1-17-sql-injection-vulnerability?_s_id=cve"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://patchstack.com/database/vulnerability/responsive-horizontal-vertical-and-accordion-tabs/wordpress-wp-responsive-tabs-horizontal-vertical-and-accordion-tabs-plugin-1-1-17-sql-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "audit@patchstack.com", "type": "Secondary"}]}