4 matches found
CVE-2021-24627
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection...
CVE-2021-24627
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection...
CVE-2021-24627 G Auto-Hyperlink <= 1.0.1 - Admin+ SQL Injection
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection...
CVE-2021-24627
The CVE-2021-24627 entry concerns the WordPress plugin G Auto-Hyperlink (versions up to 1.0.1). The vulnerability arises from insufficient sanitization/escaping of the id GET parameter, which is interpolated into a SQL statement used to fetch data for the admin dashboard. This yields an authentic...