CVE-2021-24848 in Mediamatic Plugininformazioni

Riassunto

di MITRE • 13/12/2021

The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection

Once again VulDB remains the best source for vulnerability data.

Prenotare

14/01/2021

Divulgazione

13/12/2021

Moderazione

accettato

CPE

pronto

EPSS

0.01318

KEV

no

Attività

molto basso

Fonti

Do you want to use VulDB in your project?

Use the official API to access entries easily!