Lucene search
China National Vulnerability DatabaseCNVD-2021-90321HistoryNov 10, 2021 - 12:00 a.m.
WordPress Plugin SQL Injection Vulnerability (CNVD-2021-90321)
2021-11-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
wordpress
plugin
sql injection
vulnerability
cnvd-2021-90321
php
maz loader
open source
application
contributor
EPSS
0.001
Percentile
37.1%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The WordPress plugin is a WordPress open source application plugin. The WordPress plugin is vulnerable to SQL injection, which stems from the fact that The MAZ Loader plugin does not validate or escape the mzldr shortcode’s loader_id parameter, which allows users with roles as low as contributor to perform SQL injections. No details of the vulnerability are currently available.
Related
nvd
nvd
CVE-2021-24669
2021-11-08 18:15:08
wpvulndb
wpvulndb
MAZ Loader < 1.3.3 - Contributor+ SQL Injection
2021-10-11 00:00:00
cve
cve
CVE-2021-24669
2021-11-08 18:15:08
patchstack
patchstack
WordPress MAZ Loader plugin <= 1.3.2 - SQL Injection (SQLi) vulnerabilities
2021-10-11 00:00:00
cvelist
cvelist
CVE-2021-24669 MAZ Loader < 1.3.3 - Contributor+ SQL Injection
2021-11-08 17:34:59
prion
prion
Sql injection
2021-11-08 18:15:00
wpexploit
wpexploit
MAZ Loader < 1.3.3 - Contributor+ SQL Injection
2021-10-11 00:00:00