Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-24849
HistoryDec 21, 2021 - 9:15 a.m.

Sql injection

2021-12-2109:15:00
PRIOn knowledge base
www.prio-n.com
4

9.5 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

89.9%

The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections

9.5 High

AI Score

Confidence

High

0.024 Low

EPSS

Percentile

89.9%