CVE-2021-24456

The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:ays-pro:quiz_maker:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2021-08-02 11:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-24456

Mitre link : CVE-2021-24456

CVE.ORG link : CVE-2021-24456


JSON object : View

Products Affected

ays-pro

  • quiz_maker
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')