Lucene search
WPScanCVELIST:CVE-2021-24778HistoryMar 07, 2022 - 8:15 a.m.
CVE-2021-24778 Tradetracker-Store < 4.6.60 - Admin+ SQL Injection
2022-03-0708:15:58
CWE-89
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
37.9%
The test parameter of the xmlfeed in the Tradetracker-Store WordPress plugin before 4.6.60 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
CNA Affected
[
{
"product": "Tradetracker-Store",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.6.60",
"status": "affected",
"version": "4.6.60",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress Tradetracker-Store SQL注入漏洞
2022-03-09 00:00:00
cve
cve
CVE-2021-24778
2022-03-07 09:15:07
prion
prion
Sql injection
2022-03-07 09:15:00
nvd
nvd
CVE-2021-24778
2022-03-07 09:15:07