CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24629

The Post Content XMLRPC WordPress plugin through 1.0 does not sanitise or escape multiple GET/POST parameters before using them in SQL statements in the admin dashboard, leading to an authenticated SQL Injections

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.7%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://codevigilant.com/disclosure/2021/wp-plugin-post-content-xmlrpc/
https://wpscan.com/vulnerability/fb42980c-93e5-42d5-a478-c2b348eaea67
https://codevigilant.com/disclosure/2021/wp-plugin-post-content-xmlrpc/
https://wpscan.com/vulnerability/fb42980c-93e5-42d5-a478-c2b348eaea67

Products affected by CVE-2021-24629

Post Content Xmlrpc Project » Post Content Xmlrpc » Version: N/A

cpe:2.3:a:post_content_xmlrpc_project:post_content_xmlrpc:-
Post Content Xmlrpc Project » Post Content Xmlrpc » Version: 1.0

cpe:2.3:a:post_content_xmlrpc_project:post_content_xmlrpc:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24629

Products

Pricing

Contact Us