CVE-2021-24662

Summary

The Game Server Status WordPress plugin through 1.0 does not validate or escape the server_id parameter before using it in SQL statement, leading to an Authenticated SQL Injection in an admin page

Affected Software

VendorProductVersion RangeStatus
UnknownGame Server Status1.0 <= 1.0affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References