← voltar
CVE-2021-24360

Yes/No Chart < 1.0.12 - Authenticated (contributor+) Blind SQL Injection

EPSS 1.2%CWE-89
The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users (contributor+) to perform Blind SQL Injection attacks
Produtos afetados
Unknown · Yes/No Chart

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://wpscan.com/vulnerability/d9586453-cc5c-4d26-bb45-a6370c9427fe