CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24396

A pageid GET parameter of the GSEOR – WordPress SEO Plugin WordPress plugin through 1.3 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.5%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://codevigilant.com/disclosure/2021/wp-plugin-gseor/
https://wpscan.com/vulnerability/28687291-2369-49e0-8905-dc4359454830
https://codevigilant.com/disclosure/2021/wp-plugin-gseor/
https://wpscan.com/vulnerability/28687291-2369-49e0-8905-dc4359454830

Products affected by CVE-2021-24396

Bestiaweb » Gseor » Version: N/A

cpe:2.3:a:bestiaweb:gseor:-
Bestiaweb » Gseor » Version: 1.3

cpe:2.3:a:bestiaweb:gseor:1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24396

Products

Pricing

Contact Us