CVE-2024-49618

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-49618
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks mytweetlinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through <= 1.1.1.

8.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.1 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References
Link Resource
https://patchstack.com/database/Wordpress/Plugin/mytweetlinks/vulnerability/wordpress-mytweetlinks-plugin-1-1-1-sql-injection-vulnerability?_s_id=cve
Configurations

Configuration 1 (hide)

cpe:2.3:a:jordanlyall:mytweetlinks:*:*:*:*:*:wordpress:*:*
History

23 Apr 2026, 15:19

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.8 		v2 : unknown
v3 : 8.5

01 Apr 2026, 16:18

Type Values Removed Values Added
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through 1.1.1. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks mytweetlinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through <= 1.1.1.
References
  • {'url': 'https://patchstack.com/database/vulnerability/mytweetlinks/wordpress-mytweetlinks-plugin-1-1-1-sql-injection-vulnerability?_s_id=cve', 'tags': ['Third Party Advisory'], 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/Wordpress/Plugin/mytweetlinks/vulnerability/wordpress-mytweetlinks-plugin-1-1-1-sql-injection-vulnerability?_s_id=cve -

22 Oct 2024, 16:50

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.5 		v2 : unknown
v3 : 8.8
References () https://patchstack.com/database/vulnerability/mytweetlinks/wordpress-mytweetlinks-plugin-1-1-1-sql-injection-vulnerability?_s_id=cve - () https://patchstack.com/database/vulnerability/mytweetlinks/wordpress-mytweetlinks-plugin-1-1-1-sql-injection-vulnerability?_s_id=cve - Third Party Advisory
CPE cpe:2.3:a:jordanlyall:mytweetlinks:*:*:*:*:*:wordpress:*:*
First Time Jordanlyall
Jordanlyall mytweetlinks

21 Oct 2024, 17:09

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en MyTweetLinks de Jordan Lyall permite la inyección SQL ciega. Este problema afecta a MyTweetLinks: desde n/a hasta 1.1.1.

20 Oct 2024, 10:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-20 10:15

Updated : 2026-04-23 15:19

NVD link : CVE-2024-49618

Mitre link : CVE-2024-49618

CVE.ORG link : CVE-2024-49618

JSON object : View

Products Affected

jordanlyall

  • mytweetlinks
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')