CVE-2021-24580

September 2, 2021

The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in SQL statement, leading to a SQL Injection issue

Summary:

The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in SQL statement, leading to a SQL Injection issue

Reference Links(if available):

  • https://wpscan.com/vulnerability/2faccd1b-4b1c-4b3e-b917-de2d05e860f8

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    cybersecurity

    Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]ebir[.]com/

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]saglobal[.]com/

    April 23, 2024