Lucene search
+L

146 matches found

prion
prion
added 2021/10/25 2:15 p.m.18 views

Sql injection

The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection...

6.5CVSS7.3AI score0.01336EPSS
Exploits2References1Affected Software1
cvelist
cvelist
added 2021/10/25 1:20 p.m.26 views

CVE-2021-24769 Permalink Manager Lite < 2.2.13.1 - Admin+ SQL Injection

The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection...

7.6AI score0.01336EPSS
Exploits2References1
cve
cve
added 2021/10/25 1:20 p.m.57 views

CVE-2021-24769

The CVE-2021-24769 affects the WordPress plugin Permalink Manager Lite (before 2.2.13.1). The vulnerability arises from not validating/escaping the orderby parameter before embedding it in a SQL statement on the Permalink Manager page, enabling SQL injection. Public sources (PatchStack, CVE recor...

7.2CVSS7.2AI score0.01336EPSS
Exploits2References1Affected Software1
wpvulndb
wpvulndb
added 2021/09/27 12:0 a.m.21 views

Permalink Manager Lite < 2.2.13.1 - Admin+ SQL Injection

The plugin does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection PoC https://example.com/wp-admin/tools.php?page=permalink-manager=ID+AND+SELECT+9480+FROM+SELECTSLEEP5EXid...

7.2CVSS0.8AI score0.01336EPSS
Exploits2Affected Software1
patchstack
patchstack
added 2021/09/27 12:0 a.m.19 views

WordPress Permalink Manager Lite plugin <= 2.2.12 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by bl4derunner in WordPress Permalink Manager Lite plugin versions = 2.2.12. Solution Update the WordPress Permalink Manager Lite plugin to the latest available version at least 2.2.13.1...

2.9AI score0.01336EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2021/09/27 12:0 a.m.748 views

Permalink Manager Lite < 2.2.13.1 - Admin+ SQL Injection

The plugin does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection https://example.com/wp-admin/tools.php?page=permalink-manager&orderby=ID+AND+SELECT+9480+FROM+SELECTSLEEP5EXid...

7.2CVSS1.6AI score0.01336EPSS
Exploits2
Rows per page
Query Builder