CVE-2021-24769

Summary

The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection

Affected Software

VendorProductVersion RangeStatus
UnknownPermalink Manager Lite2.2.13.1 < 2.2.13.1affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References