CVE-2021-24484
N/A
N/A
Summary
The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ays Pro | Secure Copy Content Protection and Content Locking | 2.6.7 < 2.6.7 | affected |
Weaknesses
- CWE-89: CWE-89 SQL Injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.