Lucene search
China National Vulnerability DatabaseCNVD-2021-99634HistoryNov 10, 2021 - 12:00 a.m.
WordPress Post Content XMLRPC plugin SQL injection vulnerability
2021-11-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
wordpress
xmlrpc plugin
sql injection
admin dashboard
sensitive database data
vulnerability
EPSS
0.001
Percentile
45.2%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers.The WordPress Post Content XMLRPC plugin is vulnerable to SQL injection, which stems from the plugin’s multiple lack of validation of externally entered SQL statements in the admin dashboard. An authenticated attacker could use the vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
wpexploit
wpexploit
Post Content XMLRPC <= 1.0 - Admin+ SQL Injections
2021-10-07 00:00:00
patchstack
patchstack
cvelist
cvelist
CVE-2021-24629 Post Content XMLRPC <= 1.0 - Admin+ SQL Injections
2021-11-08 17:34:52
nvd
nvd
CVE-2021-24629
2021-11-08 18:15:08
wpvulndb
wpvulndb
Post Content XMLRPC <= 1.0 - Admin+ SQL Injections
2021-10-07 00:00:00
prion
prion
Sql injection
2021-11-08 18:15:00
cve
cve
CVE-2021-24629
2021-11-08 18:15:08