Vulnerabilities

CVE-2021-24858

by Fred · 24/01/2022

The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection

Date published : 2022-01-24

https://wpscan.com/vulnerability/9bd1c040-09cc-4c2d-88c9-8406a653a48b

Similar

Tags: Cybersecurity Alert