3 matches found
CVE-2021-24348
The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue...
CVE-2021-24348
The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue...
CVE-2021-24348
The CVE-2021-24348 affects the WordPress Side Menu plugin (versions before 3.1.5). The vulnerability arises in the menu delete functionality where an administrator-accessible did GET parameter is interpolated into an SQL statement without proper sanitisation, validation, or escaping, enabling SQL...