Description A SQL injection risk flaw was found in the XMLDB editor tool available to site administrators. Remediation References CVE-2024-43436 Related Vulnerabilities WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.10) WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9036) Oracle Database Server CVE-2014-6455 Vulnerability (CVE-2014-6455) Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-14033) WordPress Plugin Otter-Gutenberg Blocks-Page Builder for Gutenberg Editor & FSE PHAR Deserialization (2.2.5) Severity High Classification CVE-2024-43436 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities