EUVD-2021-11297

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Filebird Plugin 4.7.3 has a SQL injection vulnerability due to unescaped user input in HTTP requests.

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress 插件 SQL注入漏洞	12 Jul 202100:00	–	cnnvd
CNVD	WordPress plugin has an unspecified vulnerability (CNVD-2021-59593)	14 Jul 202100:00	–	cnvd
CVE	CVE-2021-24385	12 Jul 202119:20	–	cve
Cvelist	CVE-2021-24385 Filebird 4.7.3 - Unauthenticated SQL Injection	12 Jul 202119:20	–	cvelist
NVD	CVE-2021-24385	12 Jul 202120:15	–	nvd
OpenVAS	WordPress Filebird plugin 4.7.3 SQLi Vulnerability	20 Jul 202100:00	–	openvas
Patchstack	WordPress Filebird plugin 4.7.3 - Unauthenticated SQL Injection (SQLi) vulnerability	16 Jun 202100:00	–	patchstack
Prion	Sql injection	12 Jul 202120:15	–	prion
RedhatCVE	CVE-2021-24385	22 May 202521:05	–	redhatcve
wpexploit	Filebird 4.7.3 - Unauthenticated SQL Injection	16 Jun 202100:00	–	wpexploit

[
  {
    "enisaIdVendor": [
      {
        "id": "0ca3acd5-7248-3226-a301-2542757e1570",
        "vendor": {
          "name": "Ninja Team"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "a52fb84f-10f3-30ad-b3a7-a4619e99dee3",
        "product": {
          "name": "FileBird – WordPress Media Library Folders & File Manager"
        },
        "product_version": "4.7.3 <4.7.3*"
      },
      {
        "id": "b5ad0308-5c95-3c9b-8d08-1523931a7e34",
        "product": {
          "name": "FileBird – WordPress Media Library Folders & File Manager"
        },
        "product_version": "4.7.4 <4.7.4"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/754ac750-0262-4f65-b23e-d5523995fbfa
10up	www.10up.com/blog/2021/security-vulnerability-filebird-wordpress-plugin/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.2High risk

Vulners AI Score9.2

CVSS 3.19.8

CVSS 27.5

EPSS0.09019