Lucene search
China National Vulnerability DatabaseCNVD-2021-101993HistoryDec 18, 2021 - 12:00 a.m.
WordPress Quotes Collection plugin SQL injection vulnerability
2021-12-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
37.7%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. Quotes Collection Plugin is a WordPress open source application plugin. WordPress Quotes Collection Plugin has a SQL injection vulnerability that stems from the plugin’s failure to validate and escape The bulkcheck parameter lacks validation for external input SQL statements. An attacker could use the vulnerability to execute illegal SQL commands to steal sensitive database data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress quotes collection plugin | le | 2.5.2 |
Related
prion
prion
Sql injection
2021-12-13 11:15:00
wpvulndb
wpvulndb
Quotes Collection <= 2.5.2 - Admin+ SQL Injection
2021-11-15 00:00:00
cve
cve
CVE-2021-24861
2021-12-13 11:15:09
patchstack
patchstack
cvelist
cvelist
CVE-2021-24861 Quotes Collection <= 2.5.2 - Admin+ SQL Injection
2021-12-13 10:41:12
wpexploit
wpexploit
Quotes Collection <= 2.5.2 - Admin+ SQL Injection
2021-11-15 00:00:00
nvd
nvd
CVE-2021-24861
2021-12-13 11:15:09