3 matches found
CVE-2021-24348
The CVE-2021-24348 affects the WordPress Side Menu plugin (versions before 3.1.5). The vulnerability arises in the menu delete functionality where an administrator-accessible did GET parameter is interpolated into an SQL statement without proper sanitisation, validation, or escaping, enabling SQL...
CVE-2021-24521
The CVE-2021-24521 entry concerns the WordPress plugin Side Menu Lite (before version 2.2.1). Connected sources confirm an authenticated SQL injection vulnerability due to improper input sanitization when constructing SQL statements. Impact is limited to privileged users (administrator or those m...
CVE-2021-24580
CVE-2021-24580 refers to the WordPress plugin Side Menu Lite prior to 2.2.6, which has an authenticated SQL Injection flaw. The issue arises because the plugin does not sanitize user input from the List page in the admin dashboard before using it in a SQL statement, allowing an attacker with admi...