Lucene search
K

90 matches found

Exploit DB
Exploit DB
added 2022/02/10 12:0 a.m.329 views

WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection (Unauthenticated)

Exploit Title: WordPress Plugin Secure Copy Content Protection and Content Locking 2.8.1 - SQL-Injection Unauthenticated Date 08.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://ays-pro.com/ Software Link:...

9.8CVSS9.8AI score0.78812EPSS
Exploits7
CNVD
CNVD
added 2021/12/09 12:0 a.m.35 views

WordPress Secure Copy Content Protection and Content Locking plugin SQL injection vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. The WordPress Secure Copy Content Protection and Content Locking plugin has a SQL injection vulnerabili...

9.8CVSS2.2AI score0.78812EPSS
Exploits7References1
CNNVD
CNNVD
added 2021/12/06 12:0 a.m.21 views

WordPress SQL注入漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. The WordPress Secure Copy Content Protection and Content Locking plugin has a SQL injection vulnerabili...

9.8CVSS5.9AI score0.78812EPSS
Exploits7References4
wpexploit
wpexploit
added 2021/11/08 12:0 a.m.135 views

Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection

The plugin does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an SQL injection...

9.8CVSS9.5AI score0.78812EPSS
Exploits7
Patchstack
Patchstack
added 2021/11/08 12:0 a.m.31 views

WordPress Secure Copy Content Protection and Content Locking plugin <= 2.8.1 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection SQLi vulnerability discovered by Krzysztof Zając in WordPress Secure Copy Content Protection and Content Locking plugin versions = 2.8.1. Solution Update the WordPress Secure Copy Content Protection and Content Locking plugin to the latest available version at least...

9.8CVSS3.3AI score0.78812EPSS
Exploits7References3Affected Software1
WPVulnDB
WPVulnDB
added 2021/11/08 12:0 a.m.31 views

Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection

The plugin does not escape the sccpid parameter of the ayssccpresultsexportfile AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an SQL injection. PoC...

9.8CVSS9.3AI score0.78812EPSS
Exploits7Affected Software1
NVD
NVD
added 2021/08/02 11:15 a.m.23 views

CVE-2021-24484

The getreports function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

7.2CVSS0.01344EPSS
Exploits2References1
Prion
Prion
added 2021/08/02 11:15 a.m.12 views

Sql injection

The getreports function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

6.5CVSS7.3AI score0.01344EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2021/08/02 10:32 a.m.55 views

CVE-2021-24484

The CVE-2021-24484 entry concerns the WordPress plugin Secure Copy Content Protection and Content Locking (versions before 2.6.7). The vulnerability arises in the plugin’s get_reports() function, which did not whitelist/validate the orderby parameter before it is used in SQL statements passed to ...

7.2CVSS7.2AI score0.01344EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2021/06/29 12:0 a.m.22 views

WordPress Secure Copy Content Protection and Content Locking plugin <= 2.6.6 - Authenticated Blind SQL Injection (SQLi) vulnerability

Authenticated Blind SQL Injection SQLi vulnerability discovered by To Quang Duong in WordPress Secure Copy Content Protection and Content Locking plugin versions = 2.6.6. Solution Update the WordPress Secure Copy Content Protection and Content Locking plugin to the latest available version at lea...

7.2CVSS3.2AI score0.01344EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder