CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-24848

The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin before 2.8.1, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://wpscan.com/vulnerability/156d4faf-7d34-4d9f-a654-9064d4eb3aea
https://wpscan.com/vulnerability/156d4faf-7d34-4d9f-a654-9064d4eb3aea

Products affected by CVE-2021-24848

Frenify » Mediamatic » Version: N/A

cpe:2.3:a:frenify:mediamatic:-
Frenify » Mediamatic » Version: 2.7

cpe:2.3:a:frenify:mediamatic:2.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24848

Products

Pricing

Contact Us