CVE-2021-24769

Permalink Manager Lite < 2.2.13.1 - Admin+ SQL Injection

EPSS 1.3%CWE-89

The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection

Affected products

Unknown · Permalink Manager Lite

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wpscan.com/vulnerability/a2f211af-5373-425f-9964-ebbf5efde87b