exploitDog

CVE-2021-24919

Опубликовано: 01 фев. 2022

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id parameter before using it in a SQL statement in the wicked_folders_save_sort_order AJAX action, available to any authenticated user. leading to an SQL injection

Ссылки

https://plugins.trac.wordpress.org/changeset/2651221
Patch
Third Party Advisory
https://wpscan.com/vulnerability/f472ec7d-765c-4266-ab9c-e2d06703ebb4
Exploit
Third Party Advisory
https://plugins.trac.wordpress.org/changeset/2651221
Patch
Third Party Advisory
https://wpscan.com/vulnerability/f472ec7d-765c-4266-ab9c-e2d06703ebb4
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wickedplugins:wicked_folders:*:*:*:*:*:wordpress:*:*

Версия до 2.18.10 (исключая)

EPSS

Процентиль: 75%

0.00879

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-prjm-frg6-hj3q

github

около 4 лет назад

The Wicked Folders WordPress plugin before 2.8.10 does not sanitise and escape the folder_id parameter before using it in a SQL statement in the wicked_folders_save_sort_order AJAX action, available to any authenticated user. leading to an SQL injection

EPSS

Процентиль: 75%

0.00879

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-89