Lucene search
China National Vulnerability DatabaseCNVD-2022-68904HistoryAug 10, 2021 - 12:00 a.m.
WordPress Astra Pro Addon Plugin SQL Injection Vulnerability
2021-08-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
wordpress
astra pro addon plugin
sql injection
vulnerability
php
mysql
sql commands
data theft
EPSS
0.002
Percentile
55.8%
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers.A SQL injection vulnerability exists in versions of WordPress prior to Astra Pro Addon Plugin 3.5.2, which stems from astra_pagination_infinite and astra_shop_pagination_ infinite lacks validation of external input SQL statements. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
cvelist
cvelist
CVE-2021-24507 Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection
2021-08-09 10:04:12
wpexploit
wpexploit
Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection
2021-07-08 00:00:00
cve
cve
CVE-2021-24507
2021-08-09 10:15:07
nvd
nvd
CVE-2021-24507
2021-08-09 10:15:07
githubexploit
githubexploit
Exploit for SQL Injection in Brainstormforce Astra
2022-04-28 13:10:55
prion
prion
Sql injection
2021-08-09 10:15:00
wpvulndb
wpvulndb
Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection
2021-07-08 00:00:00
patchstack
patchstack