Lucene search
China National Vulnerability DatabaseCNVD-2021-99632HistoryNov 10, 2021 - 12:00 a.m.
WordPress Wow Forms Plugin SQL Injection Vulnerability (CNVD-2021-99632)
2021-11-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
wordpress
wow forms
plugin
sql injection
vulnerability
php
mysql
security
validation
attacker
database
data
cnvd-2021-99632
EPSS
0.001
Percentile
45.2%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Wow Forms plugin in version 3.1.3 and earlier has a security vulnerability that stems from the plugin’s did parameter’s lack of validation for external input SQL statements. An authenticated attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
patchstack
patchstack
WordPress Wow Forms plugin <= 3.1.3 - SQL Injection (SQLi) vulnerability
2021-10-07 00:00:00
wpexploit
wpexploit
Wow Forms <= 3.1.3 - Admin+ SQL Injection
2021-10-07 00:00:00
cve
cve
CVE-2021-24628
2021-11-08 18:15:08
wpvulndb
wpvulndb
Wow Forms <= 3.1.3 - Admin+ SQL Injection
2021-10-07 00:00:00
nvd
nvd
CVE-2021-24628
2021-11-08 18:15:08
prion
prion
Sql injection
2021-11-08 18:15:00
cvelist
cvelist
CVE-2021-24628 Wow Forms <= 3.1.3 - Admin+ SQL Injection
2021-11-08 17:34:51