3 matches found
CVE-2021-24451
The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to an authenticated SQL Injection...
CVE-2021-24451
The CVE-2021-24451 entry concerns the WordPress plugin Export Users With Meta (before 0.6.5). The vulnerability arises because the plugin did not escape the list of roles when constructing the SQL in the export function, which is accessible to admins, enabling authenticated SQL injection. Affecte...
CVE-2021-24451 Export Users With Meta < 0.6.5 - Authenticated SQL Injection
The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to an authenticated SQL Injection...