RSS   Vulnerabilities for 'Wp cookie user info'   RSS

2022-01-24
 
CVE-2021-24858

CWE-89
 

 
The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection

 

 >>> Vendor: Accesspressthemes 9 Products
Ultimate-form-builder-lite
Anonymous post pro
Wp floating menu
Accesspress social icons
Access demo importer
Wp cookie user info
Form store to db
Ap custom testimonial
Ap mega menu


Copyright 2022, cxsecurity.com

 

Back to Top