CVE-2021-24580

September 2, 2021

The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in SQL statement, leading to a SQL Injection issue

Summary:

The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in SQL statement, leading to a SQL Injection issue

Reference Links(if available):

  • https://wpscan.com/vulnerability/2faccd1b-4b1c-4b3e-b917-de2d05e860f8

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • You may have missed

    image

    [DRAGONFORCE] – Ransomware Victim: SUSTA S[.]r[.]l[.]

    November 18, 2024
    image

    [MEDUSA] – Ransomware Victim: Maxeon

    November 18, 2024
    image

    [BLACKSUIT] – Ransomware Victim: eastgateauto[.]com

    November 18, 2024
    image

    [ELDORADO] – Ransomware Victim: LA LUCKY Brand

    November 18, 2024
    image

    [BLACKSUIT] – Ransomware Victim: kciaviation[.]com

    November 18, 2024