CVE-2021-24336

The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users...

CVE-2021-24336

The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users...

CVE-2021-24336

The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users...

Sql injection

The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users...

CVE-2021-24336 FlightLog <= 3.0.2 - Authenticated (editor+) SQL Injection

The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users...

CVE-2021-24336

CVE-2021-24336 affects the WordPress FlightLog plugin (

FlightLog <= 3.0.2 - Authenticated (editor+) SQL Injection

The plugin does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users 1. to and from parameters Editor Level Tools - Flightlog - add a record POST...

WordPress FlightLog plugin <= 3.0.2 - Authenticated SQL Injection (SQLi) injection

Authenticated SQL Injection SQLi injection discovered by Shreya Pohekar Code Vigilant Project in WordPress FlightLog plugin versions = 3.0.2. Solution This plugin has been closed as of April 19, 2021 and is not available for download. This closure is temporary, pending a full review...