CVE-2021-24336

Summary

The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users

Affected Software

VendorProductVersion RangeStatus
UnknownFlightLog3.0.2 <= 3.0.2affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References