Security Advisory

CVE-2021-24866

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-06 15:55:27

Last updated 2024-08-03 19:49:13

Assigner WPScan

State PUBLISHED

Description

The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the backup_date parameter before using it a SQL statement, leading to a SQL injection issue and could allow arbitrary table deletion

← Browse all CVEs View on cve.org ↗