Lucene search
WPScanCVELIST:CVE-2021-24395HistorySep 06, 2021 - 11:09 a.m.
CVE-2021-24395 Embed Youtube Video <= 1.0 - Authenticated SQL Injection
2021-09-0611:09:23
CWE-89
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
45.2%
The editid GET parameter of the Embed Youtube Video WordPress plugin through 1.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
CNA Affected
[
{
"product": "Embed Youtube Video",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "1.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress SQL Injection Vulnerability (CNVD-2021-70738)
2021-09-08 00:00:00
wpvulndb
wpvulndb
Embed Youtube Video <= 1.0 - Authenticated SQL Injection
2021-07-23 00:00:00
prion
prion
Sql injection
2021-09-06 11:15:00
cve
cve
CVE-2021-24395
2021-09-06 11:15:08
wpexploit
wpexploit
Embed Youtube Video <= 1.0 - Authenticated SQL Injection
2021-07-23 00:00:00
nvd
nvd
CVE-2021-24395
2021-09-06 11:15:08