CVE-2021-24629

Summary

The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated SQL Injections

Affected Software

VendorProductVersion RangeStatus
UnknownPost Content XMLRPC1.0 <= 1.0affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References