CVE-2021-25070

Summary

The Block Bad Bots WordPress plugin before 6.88 does not properly sanitise and escape the User Agent before using it in a SQL statement to record logs, leading to an SQL Injection issue

Affected Software

VendorProductVersion RangeStatus
UnknownBlock Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection6.88 < 6.88affected

Weaknesses

  • CWE-89: CWE-89 SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References