CVE-2021-24866

The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the backupdate parameter before using it a SQL statement, leading to a SQL injection issue and could allow arbitrary table deletion...

WordPress和WordPress 插件 SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.The WordPress WP Data Access plugin has a SQL injection vulnerability in versions prior to 5.0.0, which stems from the...