Lucene search
China National Vulnerability DatabaseCNVD-2022-03954HistoryJan 14, 2022 - 12:00 a.m.
WordPress Wpcalc plugin SQL injection vulnerability
2022-01-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
wordpress
sql injection
php
mysql
security vulnerability
malicious commands
database theft
EPSS
0.001
Percentile
37.7%
WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.The WordPress WPcalc plugin in version 2.1 and earlier is vulnerable to SQL injection, which stems from the plugin’s lack of validation of the value of the did parameter against external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
patchstack
patchstack
wpvulndb
wpvulndb
WPcalc <= 2.1 - Authenticated SQL Injection
2021-12-06 00:00:00
prion
prion
Sql injection
2022-01-10 16:15:00
wpexploit
wpexploit
WPcalc <= 2.1 - Authenticated SQL Injection
2021-12-06 00:00:00
cve
cve
CVE-2021-25054
2022-01-10 16:15:09
cvelist
cvelist
CVE-2021-25054 WPcalc <= 2.1 - Authenticated SQL Injection
2022-01-10 15:30:37
nvd
nvd
CVE-2021-25054
2022-01-10 16:15:09