• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-24385

February 23, 2023 by

The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request. This is a major vulnerability as the user input is not escaped and passed directly to the get_col function and it allows SQL injection. The Rest API endpoint which invokes this function also does not have any required permissions/authentication and can be accessed by an anonymous user.

CVE-2021-24390

February 23, 2023 by

A proid GET parameter of the WordPress支付�Alipay|财付通Tenpay|��PayPal集��件 WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.

CVE-2021-24391

February 23, 2023 by

An editid GET parameter of the Cashtomer WordPress plugin through 1.0.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

CVE-2021-24392

February 23, 2023 by

An id GET parameter of the WordPress Membership SwiftCloud.io WordPress plugin through 1.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

CVE-2021-24393

February 23, 2023 by

A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

CVE-2021-24394

February 23, 2023 by

An id GET parameter of the Easy Testimonial Manager WordPress plugin through 1.2.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 655
  • Go to page 656
  • Go to page 657
  • Go to page 658
  • Go to page 659
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE