Vulners
Lucene search
CVE-2021-24507
🗓️ 09 Aug 2021 10:04:12Reported by WPScanType 
cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 63 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
 | WordPress SQL注入漏洞 | 9 Aug 202100:00 | – | cnnvd |
 | WordPress Astra Pro Addon Plugin SQL Injection Vulnerability | 10 Aug 202100:00 | – | cnvd |
 | CVE-2021-24507 Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection | 9 Aug 202110:04 | – | cvelist |
 | CVE-2021-24507 | 9 Aug 202110:15 | – | nvd |
 | CVE-2021-24507 | 9 Aug 202110:15 | – | osv |
 | WordPress Astra Pro premium plugin <= 3.5.1 - Unauthenticated SQL Injection (SQLi) vulnerability | 8 Jul 202100:00 | – | patchstack |
 | Sql injection | 9 Aug 202110:15 | – | prion |
 | CVE-2021-24507 | 22 May 202521:05 | – | redhatcve |
 | Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection | 8 Jul 202100:00 | – | wpexploit |
 | Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection | 8 Jul 202100:00 | – | wpvulndb |
10
Node
[
{
"product": "Astra Pro Addon",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.5.2",
"status": "affected",
"version": "3.5.2",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| query_vars | request body | wp-admin/admin-ajax.php | SQL injection via unsanitized POST parameter in Astra pagination infinite AJAX actions | CWE-89 |
| query_vars | request body | wp-admin/admin-ajax.php | SQL injection via unsanitized POST parameter in Astra Shop pagination infinite AJAX actions | CWE-89 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Nov 2024 05:53Current
9.8High risk
Vulners AI Score9.8
CVSS 27.5
CVSS 3.19.8
EPSS0.44195