2 matches found
CVE-2021-24138
Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user...
CVE-2021-24138
CVE-2021-24138 affects the AdRotate WordPress plugin (versions before 5.8.4). The vulnerability is an authenticated SQL injection via the id parameter caused by unvalidated input, requiring an admin user to exploit. Multiple connected sources corroborate this flaw and describe practical PoCs and ...