Lucene search
China National Vulnerability DatabaseCNVD-2022-09987HistoryFeb 10, 2022 - 12:00 a.m.
WordPress Wicked Folders plugin SQL injection vulnerability
2022-02-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
38.6%
WordPress is a set of blogging platform developed by the WordPress Foundation using the PHP language. WordPress Wicked Folders plugin in version 2.8.10 has a SQL injection vulnerability, which stems from the failure to filter and escape the oder_id parameter, and can be used by attackers to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wicked folders plugin | eq | 2.8.10 |
Related
nvd
nvd
CVE-2021-24919
2022-02-01 13:15:08
wpvulndb
wpvulndb
Wicked Folders < 2.18.10 - Subscriber+ SQL Injection
2022-01-03 00:00:00
cve
cve
CVE-2021-24919
2022-02-01 13:15:08
patchstack
patchstack
prion
prion
Sql injection
2022-02-01 13:15:00
wpexploit
wpexploit
Wicked Folders < 2.18.10 - Subscriber+ SQL Injection
2022-01-03 00:00:00
cvelist
cvelist
CVE-2021-24919 Wicked Folders < 2.18.10 - Subscriber+ SQL Injection
2022-02-01 12:21:30