RSS   Vulnerabilities for 'Mediamatic'   RSS

2021-12-13
 
CVE-2021-24848

CWE-89
 

 
The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin through 2.7, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection

 


Copyright 2024, cxsecurity.com

 

Back to Top