4 matches found
CVE-2021-24772
The Stream WordPress plugin before 3.8.2 does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue...
CVE-2021-24772
The Stream WordPress plugin before 3.8.2 does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue...
CVE-2021-24772
CVE-2021-24772 affects the WordPress Stream plugin prior to 3.8.2. The issue arises from not sanitising/validating the order GET parameter in the Stream Records admin dashboard before it is used in a SQL statement, enabling SQL injection. Public sources in connected documents confirm the vulnerab...
CVE-2021-24772 Stream < 3.8.2 - Admin+ SQL Injection
The Stream WordPress plugin before 3.8.2 does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue...