Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2021-24869
HistoryJan 16, 2024 - 3:49 p.m.

CVE-2021-24869 WP Fastest Cache < 0.9.5 - Subscriber+ SQL Injection

2024-01-1615:49:39
WPScan
www.cve.org
5
wordpress
sql injection
low privilege

EPSS

0.001

Percentile

19.3%

JSON

The WP Fastest Cache WordPress plugin before 0.9.5 does not escape user input in the set_urls_with_terms method before using it in a SQL statement, leading to an SQL injection exploitable by low privilege users such as subscriber

CNA Affected

[
  {
    "vendor": "Unknown",
    "product": "WP Fastest Cache",
    "versions": [
      {
        "status": "affected",
        "versionType": "semver",
        "version": "0",
        "lessThan": "0.9.5"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Related

prion 1
nvd 1
malwarebytes 1
wpvulndb 1
cve 1
openvas 1
prion
prion
Sql injection
2024-01-16 16:15:00
nvd
nvd
CVE-2021-24869
2024-01-16 16:15:09
malwarebytes
malwarebytes
Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache
2021-10-18 13:37:17
wpvulndb
wpvulndb
WP Fastest Cache < 0.9.5 - Subscriber+ SQL Injection
2021-10-14 00:00:00
cve
cve
CVE-2021-24869
2024-01-16 16:15:09
openvas
openvas
WordPress WP Fastest Cache Plugin < 0.9.5 Multiple Vulnerabilities
2021-11-03 00:00:00

EPSS

0.001

Percentile

19.3%

JSON
Related for CVELIST:CVE-2021-24869
prion1nvd1malwarebytes1wpvulndb1cve1openvas1