CVE-2021-24858
WP Cookie User Info < 1.0.9 - Admin+ SQL Injection
The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →