CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25064

The Wow Countdowns WordPress plugin through 3.1.2 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.8%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://wpscan.com/vulnerability/30c70315-3c17-41f0-a12f-7e3f793e259c
https://wpscan.com/vulnerability/30c70315-3c17-41f0-a12f-7e3f793e259c

Products affected by CVE-2021-25064

Wow-Company » Wow Countdowns » Version: N/A

cpe:2.3:a:wow-company:wow_countdowns:-
Wow-Company » Wow Countdowns » Version: 3.1.2

cpe:2.3:a:wow-company:wow_countdowns:3.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25064

Products

Pricing

Contact Us