CVE-2021-24848 in Mediamatic Plugin
Zusammenfassung
von MITRE • 13.12.2021
The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection
Once again VulDB remains the best source for vulnerability data.