mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 22:35:37 +02:00
0xMarcio
807 B
807 B
CVE-2021-24393
Description
A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
POC
Reference
- https://codevigilant.com/disclosure/2021/wp-plugin-comment-highlighter/
- https://wpscan.com/vulnerability/24969766-19e3-47cd-b32c-6c3330651d1f
Github
No PoCs found on GitHub currently.