Lucene search
PRIOn knowledge basePRION:CVE-2021-24606HistorySep 20, 2021 - 10:15 a.m.
Sql injection
2021-09-2010:15:00
PRIOn knowledge base
www.prio-n.com
6
The Availability Calendar WordPress plugin before 1.2.1 does not escape the category attribute from its shortcode before using it in a SQL statement, leading to a SQL Injection issue, which can be exploited by any user able to add shortcode to posts/pages, such as contributor+
| CPE | Name | Operator | Version |
|---|---|---|---|
| availability_calendar | lt | 1.2.1 |
Related
wpvulndb
wpvulndb
Availability Calendar < 1.2.1 - Authenticated SQL Injection
2021-08-04 00:00:00
nvd
nvd
CVE-2021-24606
2021-09-20 10:15:08
cvelist
cvelist
CVE-2021-24606 Availability Calendar < 1.2.1 - Authenticated SQL Injection
2021-09-20 10:06:32
cve
cve
CVE-2021-24606
2021-09-20 10:15:08
wpexploit
wpexploit
Availability Calendar < 1.2.1 - Authenticated SQL Injection
2021-08-04 00:00:00