Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24303
HistorySep 06, 2021 - 11:09 a.m.

CVE-2021-24303 JiangQie Official Website Mini Program < 1.1.1 - Authenticated SQL Injection

2021-09-0611:09:18
CWE-89
WPScan
www.cve.org

0.001 Low

EPSS

Percentile

50.1%

The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues

CNA Affected

[
  {
    "product": "JiangQie Official Website Mini Program",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.1.1",
        "status": "affected",
        "version": "1.1.1",
        "versionType": "custom"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

50.1%

Related for CVELIST:CVE-2021-24303