CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24521

The Side Menu Lite – add sticky fixed buttons WordPress plugin before 2.2.1 does not properly sanitize input values from the browser when building an SQL statement. Users with the administrator role or permission to manage this plugin could perform an SQL Injection attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.5%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://github.com/pang0lin/CVEproject/blob/main/wordpress_side-menu-lite_sqli.md
https://wpscan.com/vulnerability/eb21ebc5-265c-4378-b2c6-62f6bc2f69cd
https://github.com/pang0lin/CVEproject/blob/main/wordpress_side-menu-lite_sqli.md
https://wpscan.com/vulnerability/eb21ebc5-265c-4378-b2c6-62f6bc2f69cd

Products affected by CVE-2021-24521

Wow-Estore » Side Menu » Version: 1.0

cpe:2.3:a:wow-estore:side_menu:1.0
Wow-Estore » Side Menu » Version: 2.0

cpe:2.3:a:wow-estore:side_menu:2.0
Wow-Estore » Side Menu » Version: 2.1

cpe:2.3:a:wow-estore:side_menu:2.1
Wow-Estore » Side Menu » Version: 2.1.1

cpe:2.3:a:wow-estore:side_menu:2.1.1
Wow-Estore » Side Menu » Version: 2.2

cpe:2.3:a:wow-estore:side_menu:2.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24521

Products

Pricing

Contact Us