2 matches found
CVE-2021-24314 Goto < 2.1 - Unauthenticated Blind SQL Injection
The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it in a SQL statement, leading to an Unauthenticated SQL injection issue...
CVE-2021-24314
CVE-2021-24314 affects the Goto WordPress theme prior to 2.1. The vulnerability arises from failure to sanitize/validate/escape the GET parameter used on the theme’s listing page, allowing an unauthenticated SQL injection via the keywords parameter. Public references (CVE records, WPVulnDB, and P...