CVE-2021-24860

Summary

The BSK PDF Manager WordPress plugin before 3.1.2 does not validate and escape the orderby and order parameters before using them in a SQL statement, leading to a SQL injection issue

Affected Software

VendorProductVersion RangeStatus
UnknownBSK PDF Manager3.1.2 < 3.1.2affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References