CVE-2024-33273 Information

Description

SQL injection vulnerability in shipup before v.3.3.0 allows a remote attacker to escalate privileges via the getShopID function.

Reference

https://www.shipup.co/fr https://security.friendsofpresta.org/modules/2024/04/29/shipup.html