2 matches found
CVE-2021-24754 MainWP Child Reports < 2.0.8 - Admin+ SQL Injection
The MainWP Child Reports WordPress plugin before 2.0.8 does not validate or sanitise the order parameter before using it in a SQL statement in the admin dashboard, leading to an SQL injection issue...
CVE-2021-24754
CVE-2021-24754 affects the WordPress MainWP Child Reports plugin prior to version 2.0.8. The vulnerability arises from lack of validation/sanitization of the order parameter in the admin dashboard SQL statement, enabling SQL injection. Public sources (Red Hat, CVE listings, and vulnerability trac...