Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:23 p.m.9 views

CVE-2021-24786

The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue...

7.2CVSS7.2AI score0.17484EPSS
Exploits5References1
Packet Storm
Packet Storm
added 2022/02/02 12:0 a.m.216 views

WordPress Download Monitor WordPress 4.4.4 SQL Injection

Exploit Title: Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection Authenticated Date 28.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.download-monitor.com/ Software Link: https://downloads.wordpress.org/plugin/download-monitor.4.4.4.zip Version: 4.4.5...

7.2CVSS7AI score0.17484EPSS
Exploits5
0day.today
0day.today
added 2022/02/02 12:0 a.m.272 views

Wordpress Download Monitor Plugin WordPress V 4.4.4 - SQL Injection (Authenticated) Exploit

Exploit Title: Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.download-monitor.com/ Software Link: https://downloads.wordpress.org/plugin/download-monitor.4.4.4.zip Version: 4.4.5 Tested on: Ubun...

7.2CVSS0.17484EPSS
Exploits5
Exploit DB
Exploit DB
added 2022/02/02 12:0 a.m.324 views

Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection (Authenticated)

Exploit Title: Wordpress Plugin Download Monitor WordPress V 4.4.4 - SQL Injection Authenticated Date 28.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.download-monitor.com/ Software Link: https://downloads.wordpress.org/plugin/download-monitor.4.4.4.zip Version: 4.4.5...

7.2CVSS7.2AI score0.17484EPSS
Exploits5
OSV
OSV
added 2022/01/03 1:15 p.m.2 views

CVE-2021-24786

The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue...

7.2CVSS5.8AI score0.17484EPSS
Exploits5References1
CVE
CVE
added 2022/01/03 12:49 p.m.78 views

CVE-2021-24786

The CVE-2021-24786 advisory concerns the WordPress plugin Download Monitor (versions before 4.4.5). It describes an SQL injection vulnerability in the orderby parameter used in logs queries due to insufficient validation/escaping, enabling authenticated administrators to append arbitrary SQL and ...

7.2CVSS7.1AI score0.17484EPSS
Exploits5References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/01/03 12:49 p.m.11 views

CVE-2021-24786 Download Monitor < 4.4.5 - Admin+ SQL Injection

The Download Monitor WordPress plugin before 4.4.5 does not properly validate and escape the "orderby" GET parameter before using it in a SQL statement when viewing the logs, leading to an SQL Injection issue...

7.2AI score0.17484EPSS
Exploits5References1
Rows per page
Query Builder