CVE-2021-25054

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:wow-company:wpcalc:*:*:*:*:*:wordpress:*:*

Information

Published : 2022-01-10 08:15

Updated : 2022-01-14 10:38


NVD link : CVE-2021-25054

Mitre link : CVE-2021-25054


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

wow-company

  • wpcalc