3 matches found
CVE-2021-24758
The Email Log WordPress plugin before 2.4.7 does not properly validate, sanitise and escape the "orderby" and "order" GET parameters before using them in SQL statement in the admin dashboard, leading to SQL injections...
CVE-2021-24758
CVE-2021-24758 affects the WordPress Email Log plugin prior to 2.4.7. The vulnerability arises from improper validation, sanitisation and escaping of the orderby and order GET parameters used in SQL within the admin dashboard, enabling SQL injection. A fix exists in version 2.4.7 (upgrade to 2.4....
CVE-2021-24758 Email Log < 2.4.7 - Admin+ SQL Injection
The Email Log WordPress plugin before 2.4.7 does not properly validate, sanitise and escape the "orderby" and "order" GET parameters before using them in SQL statement in the admin dashboard, leading to SQL injections...