Vulnerabilities

CVE-2021-24747

by Fred · 13/12/2021

The SEO Booster WordPress plugin through 3.7 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST[‘order’][0][‘dir’] parameter is not properly escaped leading to blind and error-based SQL injections.

Date published : 2021-12-13

https://wpscan.com/vulnerability/40849d93-8949-4bd0-b60e-c0330b385fea

Similar

Tags: Cybersecurity Alert