Lucene search
WPScanCVELIST:CVE-2021-25054HistoryJan 10, 2022 - 3:30 p.m.
CVE-2021-25054 WPcalc <= 2.1 - Authenticated SQL Injection
2022-01-1015:30:37
CWE-89
WPScan
www.cve.org
2
wpcalc
sql injection
authenticated
EPSS
0.001
Percentile
37.7%
The WPcalc WordPress plugin through 2.1 does not sanitize user input into the ‘did’ parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability.
CNA Affected
[
{
"product": "WPcalc – create any online calculators",
"vendor": "Unknown",
"versions": [
{
"lessThanOrEqual": "2.1",
"status": "affected",
"version": "2.1",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
WordPress Wpcalc plugin SQL injection vulnerability
2022-01-14 00:00:00
wpvulndb
wpvulndb
WPcalc <= 2.1 - Authenticated SQL Injection
2021-12-06 00:00:00
patchstack
patchstack
prion
prion
Sql injection
2022-01-10 16:15:00
wpexploit
wpexploit
WPcalc <= 2.1 - Authenticated SQL Injection
2021-12-06 00:00:00
cve
cve
CVE-2021-25054
2022-01-10 16:15:09
nvd
nvd
CVE-2021-25054
2022-01-10 16:15:09