Lucene search

CVE-2021-24400

🗓️ 20 Sep 2021 10:08:15Reported by WPScanType

The Edit Role functionality in the Display Users WordPress plugin through 2.0.0 is prone to SQL injection

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2021-24400 Display users <= 2.0.0 - Authenticated SQL Injection	20 Sep 202110:06	–	cvelist
NVD	CVE-2021-24400	20 Sep 202110:15	–	nvd
Prion	Sql injection	20 Sep 202110:15	–	prion
wpexploit	Display users <= 2.0.0 - Authenticated SQL Injection	22 Aug 202100:00	–	wpexploit
Patchstack	WordPress Display Users plugin <= 2.0.0 - Authenticated SQL Injection (SQLi) vulnerability	22 Aug 202100:00	–	patchstack
WPVulnDB	Display users <= 2.0.0 - Authenticated SQL Injection	22 Aug 202100:00	–	wpvulndb

Nvd

Vulners

Node

wp-display-users_project wp-display-usersRange≤2.0.0wordpress

[
  {
    "product": "Display Users",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThanOrEqual": "2.0.0",
        "status": "affected",
        "version": "2.0.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
codevigilant	www.codevigilant.com/disclosure/2021/wp-plugin-wp-display-users/
wpscan	www.wpscan.com/vulnerability/614cf338-c8cf-4570-ae83-4f79cbdcc9d5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Sep 2021 10:15Current

7.2High risk

Vulners AI Score7.2

CVSS26.5

CVSS37.2

EPSS0.002

CWE-89