CVE-2021-24143

Summary

Unvalidated input in the AccessPress Social Icons plugin, versions before 1.8.1, did not sanitise its widget attribute, allowing accounts with post permission, such as author, to perform SQL injections.

Affected Software

VendorProductVersion RangeStatus
UnknownAccessPress Social Icons1.8.1 < 1.8.1affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References