CVE-2021-24140

Summary

Unvalidated input in the Ajax Load More WordPress plugin, versions before 5.3.2, lead to SQL Injection in POST /wp-admin/admin-ajax.php with param repeater=' or sleep(5)#&type=test.

Affected Software

VendorProductVersion RangeStatus
UnknownAjax Load More5.3.2 < 5.3.2affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References