CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25054

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.2%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

https://wpscan.com/vulnerability/200969eb-e2a4-4200-82d7-0c313de089af
https://wpscan.com/vulnerability/200969eb-e2a4-4200-82d7-0c313de089af

Products affected by CVE-2021-25054

Wow-Company » Wpcalc » Version: N/A

cpe:2.3:a:wow-company:wpcalc:-
Wow-Company » Wpcalc » Version: 2.1

cpe:2.3:a:wow-company:wpcalc:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25054

Products

Pricing

Contact Us