Security Advisory
CVE-2021-24138
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Unvalidated input in the AdRotate WordPress plugin, versions before 5.8.4, leads to Authenticated SQL injection via param "id". This requires an admin privileged user.