Security Advisory

CVE-2021-4208

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-02-21 10:45:57

Last updated 2024-08-03 17:16:04

Assigner WPScan

State PUBLISHED

Description

The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and escape the product_id POST parameter before using it in a SQL statement, leading to a SQL injection vulnerability exploitable by high privilege users

← Browse all CVEs View on cve.org ↗