Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-24492
HistoryAug 02, 2021 - 11:15 a.m.

Sql injection

2021-08-0211:15:00
PRIOn knowledge base
www.prio-n.com
1

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.3%

The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtst_previewShortcodeInstanceId POST parameter before using it in a SQL statement, leading to an SQL Injection issue.

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.3%