CVE-2021-24138

Summary

Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user.

Affected Software

VendorProductVersion RangeStatus
UnknownAdRotate5.8.4 < 5.8.4affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References