{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T19:43:30.166","vulnerabilities":[{"cve":{"id":"CVE-2024-30242","sourceIdentifier":"audit@patchstack.com","published":"2024-03-28T05:15:52.653","lastModified":"2026-06-17T07:26:35.310","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions Contact Form to Any API.This issue affects Contact Form to Any API: from n/a through 1.1.8."},{"lang":"es","value":"Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"inyección SQL\") en IT Path Solutions Contact Form to Any API. Este problema afecta el formulario de contacto para cualquier API: desde n/a hasta 1.1.8."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"IT Path Solutions","product":"Contact Form to Any API","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"contact-form-to-any-api","versions":[{"version":"n/a","lessThanOrEqual":"1.1.8","versionType":"custom","status":"affected","changes":[{"at":"1.1.9","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-09T13:23:20.160535Z","id":"CVE-2024-30242","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-8-subscriber-sql-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"},{"url":"https://patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-8-subscriber-sql-injection-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}