Lucene search
WPScanCVELIST:CVE-2021-24669HistoryNov 08, 2021 - 5:34 p.m.
CVE-2021-24669 MAZ Loader < 1.3.3 - Contributor+ SQL Injection
2021-11-0817:34:59
CWE-89
WPScan
www.cve.org
4
cve-2021-24669
maz loader
wordpress
sql injection
contributor
The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection.
CNA Affected
[
{
"product": "MAZ Loader – Preloader Builder for WordPress",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.3.3",
"status": "affected",
"version": "1.3.3",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-24669
2021-11-08 18:15:08
wpvulndb
wpvulndb
MAZ Loader < 1.3.3 - Contributor+ SQL Injection
2021-10-11 00:00:00
cve
cve
CVE-2021-24669
2021-11-08 18:15:08
patchstack
patchstack
WordPress MAZ Loader plugin <= 1.3.2 - SQL Injection (SQLi) vulnerabilities
2021-10-11 00:00:00
cnvd
cnvd
WordPress Plugin SQL Injection Vulnerability (CNVD-2021-90321)
2021-11-10 00:00:00
prion
prion
Sql injection
2021-11-08 18:15:00
wpexploit
wpexploit
MAZ Loader < 1.3.3 - Contributor+ SQL Injection
2021-10-11 00:00:00