mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-14 15:08:03 +02:00
0xMarcio
963 B
963 B
CVE-2021-24869
&color=brighgreen)
Description
The WP Fastest Cache WordPress plugin before 0.9.5 does not escape user input in the set_urls_with_terms method before using it in a SQL statement, leading to an SQL injection exploitable by low privilege users such as subscriber
POC
Reference
- https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/
- https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/
Github
No PoCs found on GitHub currently.