4 matches found
CVE-2021-25064
The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection...
CVE-2021-25064
The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection...
CVE-2021-25064
Consolidated details for CVE-2021-25064 show: affected product is the WordPress Wow Countdowns plugin up to version 3.1.2. The root cause is improper sanitization of the did parameter, which is directly used in a SQL statement, resulting in an authenticated SQL Injection. Exploitation evidence ap...
CVE-2021-25064 Wow Countdowns <= 3.1.2 - Admin+ SQLi
The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection...