Lucene search
China National Vulnerability DatabaseCNVD-2021-102789HistoryDec 26, 2021 - 12:00 a.m.
WordPress WooCommerce Multivendor Marketplace SQL Injection Vulnerability
2021-12-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.024 Low
EPSS
Percentile
89.9%
WordPress is the WordPress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. SQL injection vulnerability exists in versions of the WordPress WooCommerce Multivendor Marketplace plugin prior to 3.4.12. The vulnerability stems from the application’s lack of validation of externally entered SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress woocommerce multivendor marketplace plugin | lt | 3.4.12 |
Related
prion
prion
Sql injection
2021-12-21 09:15:00
patchstack
patchstack
nvd
nvd
CVE-2021-24849
2021-12-21 09:15:07
wpvulndb
wpvulndb
wpexploit
wpexploit
cvelist
cvelist
nuclei
nuclei
WCFM WooCommerce Multivendor Marketplace < 3.4.12 - SQL Injection
2024-02-13 04:02:40
cve
cve
CVE-2021-24849
2021-12-21 09:15:07