Source |
CVE Liste |
Identifiant |
3628939 |
Date de publication |
2021-11-08 18:15:09 (vue: 2021-11-08 20:05:55) |
Titre |
CVE-2021-24731 |
Texte |
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection. |
Envoyé |
Oui |
Condensat |
2021 24731 api before codes content cve data does endpoint escape forms gateways injection invitation json/pie/v1/login leading not payment plugin profile properly protection registration rest restriction spam sql statement user using wordpress ã¢â‚¬â€œ |
Tags |
Spam
Guideline
|
Stories |
|
Notes |
|
Move |
|