Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.11 views

CVE-2021-24507

The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astrapaginationinfinite and astrashoppaginationinfinite AJAX action available to both unauthenticated and authenticated user before using them in SQL statement, leading to an...

9.8CVSS7.7AI score0.11302EPSS
Exploits2References1
CNVD
CNVD
added 2021/08/10 12:0 a.m.28 views

WordPress Astra Pro Addon Plugin SQL Injection Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress Astra Pro Addon Plugin versions prior to 3.5.2, which stems...

9.8CVSS9.9AI score0.11302EPSS
Exploits2References1
NVD
NVD
added 2021/08/09 10:15 a.m.14 views

CVE-2021-24507

The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astrapaginationinfinite and astrashoppaginationinfinite AJAX action available to both unauthenticated and authenticated user before using them in SQL statement, leading to an...

9.8CVSS0.11302EPSS
Exploits2References2
Cvelist
Cvelist
added 2021/08/09 10:4 a.m.22 views

CVE-2021-24507 Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection

The Astra Pro Addon WordPress plugin before 3.5.2 did not properly sanitise or escape some of the POST parameters from the astrapaginationinfinite and astrashoppaginationinfinite AJAX action available to both unauthenticated and authenticated user before using them in SQL statement, leading to an...

10AI score0.11302EPSS
Exploits2References2
CVE
CVE
added 2021/08/09 10:4 a.m.74 views

CVE-2021-24507

The CVE-2021-24507 case concerns the Astra Pro Addon WordPress plugin prior to 3.5.2, where POST parameters from the astra_pagination_infinite and astra_shop_pagination_infinite AJAX actions were not properly sanitised/escaped before being used in SQL statements. This (server-side) vulnerability ...

9.8CVSS9.8AI score0.11302EPSS
Exploits2References2Affected Software1
WPVulnDB
WPVulnDB
added 2021/07/08 12:0 a.m.33 views

Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection

The plugin did not properly sanitise or escape some of the POST parameters from the astrapaginationinfinite and astrashoppaginationinfinite AJAX action available to both unauthenticated and authenticated user before using them in SQL statement, leading to an SQL Injection issues PoC Via...

7.5CVSS9.8AI score0.11302EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2021/07/08 12:0 a.m.213 views

Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection

The plugin did not properly sanitise or escape some of the POST parameters from the astrapaginationinfinite and astrashoppaginationinfinite AJAX action available to both unauthenticated and authenticated user before using them in SQL statement, leading to an SQL Injection issues Via...

7.5CVSS0.9AI score0.11302EPSS
Exploits2References1
Rows per page
Query Builder