RSS   Vulnerabilities for 'Seo booster'   RSS

2021-12-13
 
CVE-2021-24747

CWE-89
 

 
The SEO Booster WordPress plugin through 3.7 allows for authenticated SQL injection via the "fn_my_ajaxified_dataloader_ajax" AJAX request as the $_REQUEST['order'][0]['dir'] parameter is not properly escaped leading to blind and error-based SQL injections.

 


Copyright 2024, cxsecurity.com

 

Back to Top