CVE-2021-24952 in Conversios.io Plugin정보

요약

\~에 의해 MITRE • 2022. 03. 07.

The Conversios.io WordPress plugin before 4.6.2 does not sanitise, validate and escape the sync_progressive_data parameter for the tvcajax_product_sync_bantch_wise AJAX action before using it in a SQL statement, allowing any authenticated user to perform SQL injection attacks.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

출처

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!