CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24959

The WP Email Users WordPress plugin through 1.7.6 does not escape the data_raw parameter in the weu_selected_users_1 AJAX action, available to any authenticated users, allowing them to perform SQL injection attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.394

EPSS Ranking 97.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2021-24959

Techspawn » Wp-Email-Users » Version: N/A

cpe:2.3:a:techspawn:wp-email-users:-
Techspawn » Wp-Email-Users » Version: 1.2.2

cpe:2.3:a:techspawn:wp-email-users:1.2.2
Techspawn » Wp-Email-Users » Version: 1.3.10

cpe:2.3:a:techspawn:wp-email-users:1.3.10
Techspawn » Wp-Email-Users » Version: 1.3.8

cpe:2.3:a:techspawn:wp-email-users:1.3.8
Techspawn » Wp-Email-Users » Version: 1.3.9

cpe:2.3:a:techspawn:wp-email-users:1.3.9
Techspawn » Wp-Email-Users » Version: 1.4.10

cpe:2.3:a:techspawn:wp-email-users:1.4.10
Techspawn » Wp-Email-Users » Version: 1.4.11

cpe:2.3:a:techspawn:wp-email-users:1.4.11
Techspawn » Wp-Email-Users » Version: 1.4.12

cpe:2.3:a:techspawn:wp-email-users:1.4.12
Techspawn » Wp-Email-Users » Version: 1.4.13

cpe:2.3:a:techspawn:wp-email-users:1.4.13
Techspawn » Wp-Email-Users » Version: 1.4.15

cpe:2.3:a:techspawn:wp-email-users:1.4.15
Techspawn » Wp-Email-Users » Version: 1.4.3

cpe:2.3:a:techspawn:wp-email-users:1.4.3
Techspawn » Wp-Email-Users » Version: 1.4.4

cpe:2.3:a:techspawn:wp-email-users:1.4.4
Techspawn » Wp-Email-Users » Version: 1.4.5

cpe:2.3:a:techspawn:wp-email-users:1.4.5
Techspawn » Wp-Email-Users » Version: 1.4.7

cpe:2.3:a:techspawn:wp-email-users:1.4.7
Techspawn » Wp-Email-Users » Version: 1.4.8

cpe:2.3:a:techspawn:wp-email-users:1.4.8
Techspawn » Wp-Email-Users » Version: 1.4.9

cpe:2.3:a:techspawn:wp-email-users:1.4.9
Techspawn » Wp-Email-Users » Version: 1.5.0

cpe:2.3:a:techspawn:wp-email-users:1.5.0
Techspawn » Wp-Email-Users » Version: 1.5.2

cpe:2.3:a:techspawn:wp-email-users:1.5.2
Techspawn » Wp-Email-Users » Version: 1.6.0

cpe:2.3:a:techspawn:wp-email-users:1.6.0
Techspawn » Wp-Email-Users » Version: 1.6.8

cpe:2.3:a:techspawn:wp-email-users:1.6.8
Techspawn » Wp-Email-Users » Version: 1.6.9

cpe:2.3:a:techspawn:wp-email-users:1.6.9
Techspawn » Wp-Email-Users » Version: 1.7.2

cpe:2.3:a:techspawn:wp-email-users:1.7.2
Techspawn » Wp-Email-Users » Version: 1.7.4

cpe:2.3:a:techspawn:wp-email-users:1.7.4
Techspawn » Wp-Email-Users » Version: 1.7.5

cpe:2.3:a:techspawn:wp-email-users:1.7.5
Techspawn » Wp-Email-Users » Version: 1.7.6

cpe:2.3:a:techspawn:wp-email-users:1.7.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24959

Products

Pricing

Contact Us