3 matches found
CVE-2021-24337
The id GET parameter of one of the Video Embed WordPress plugin through 1.0's page available via forced browsing is not sanitised, validated or escaped before being used in a SQL statement, allowing low privilege users, such as subscribers, to perform SQL injection...
CVE-2021-24337 Video Embed <= 1.0 - Authenticated (subscriber+) SQL Injection
The id GET parameter of one of the Video Embed WordPress plugin through 1.0's page available via forced browsing is not sanitised, validated or escaped before being used in a SQL statement, allowing low privilege users, such as subscribers, to perform SQL injection...
CVE-2021-24337
CVE-2021-24337 affects WordPress Video Embed plugin (versions