Lucene search
China National Vulnerability DatabaseCNVD-2023-06544HistoryFeb 16, 2022 - 12:00 a.m.
WordPress Futurio Extra plugin SQL injection vulnerability
2022-02-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
0.001 Low
EPSS
Percentile
24.8%
WordPress is a blogging platform developed by the Wordpress Foundation using the PHP language. A SQL injection vulnerability exists in versions of the WordPress Futurio Extra plugin prior to 1.6.3, which stems from a lack of filtering and escaping of SQL data submitted by users. A highly privileged attacker could exploit this vulnerability to extract data from the database.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress futurio extra plugin | lt | 1.6.3 |
Related
wpvulndb
wpvulndb
Futurio Extra < 1.6.3 - Authenticated SQL Injection
2022-01-04 00:00:00
wpexploit
wpexploit
Futurio Extra < 1.6.3 - Authenticated SQL Injection
2022-01-04 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2021-25109
2022-02-14 12:15:15
cvelist
cvelist
CVE-2021-25109 Futurio Extra < 1.6.3 - Authenticated SQL Injection
2022-02-14 09:20:52
cve
cve
CVE-2021-25109
2022-02-14 12:15:15
prion
prion
Cross site scripting
2022-02-14 12:15:00