Security Advisory

CVE-2021-24848

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-13 10:41:07

Last updated 2024-08-03 19:42:17

Assigner WPScan

State PUBLISHED

Description

The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin before 2.8.1, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection

← Browse all CVEs View on cve.org ↗