CVE-2021-24138

AdRotate < 5.8.4 - Authenticated SQL Injection

EPSS 1.2%CWE-89

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user.

Affected products

Unknown · AdRotate

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wpscan.com/vulnerability/aafac655-3616-4b27-9d0f-1cbc2faf0151