CVE-2021-24747

December 27, 2021

The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the “fn_my_ajaxified_dataloader_ajax” AJAX request as the $_REQUEST[‘order’][0][‘dir’] parameter is not properly escaped leading to blind and error-based SQL injections.

Summary:

The SEO Booster WordPress plugin before 3.8 allows for authenticated SQL injection via the “fn_my_ajaxified_dataloader_ajax” AJAX request as the $_REQUEST[‘order’][0][‘dir’] parameter is not properly escaped leading to blind and error-based SQL injections.

Reference Links(if available):

  • https://wpscan.com/vulnerability/40849d93-8949-4bd0-b60e-c0330b385fea
  • https://plugins.trac.wordpress.org/changeset/2637115

  • CVSS Score (if available)

    v2: / MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P

    v3: / HIGHCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • You may have missed

    unlock membership

    Fortifying the Backbone: Cybersecurity for Critical Infrastructure

    November 15, 2024
    news

    Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

    November 15, 2024
    news

    Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

    November 15, 2024
    news

    API Security Threats: 83% of Companies Experience Security Incidents

    November 15, 2024
    news

    Microsoft Power Pages: Misconfiguration Risks and Data Exposure

    November 15, 2024