Security Advisory

CVE-2021-24666

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-27 15:25:36

Last updated 2024-08-03 19:42:15

Assigner WPScan

State PUBLISHED

Description

The Podlove Podcast Publisher WordPress plugin before 3.5.6 contains a Social & Donations module (not activated by default), which adds the rest route /services/contributor/(?P<id>[d]+), takes an id and category parameters as arguments. Both parameters can be used for the SQLi.

← Browse all CVEs View on cve.org ↗