admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/24xxx/CVE-2021-24669.json
Anthony Singleton 938debeed0 Revert "November 2021 Patch Tuesday" 
This reverts commit df296d9e014bf68ef22c0583c98da3fbe42ea316.
2021-11-17 15:47:33 -05:00

75 lines
1.8 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"CVE_data_meta": {
"ID": "CVE-2021-24669",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "MAZ Loader < 1.3.3 - Contributor+ SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "MAZ Loader Preloader Builder for WordPress",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.3.3",
"version_value": "1.3.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MAZ Loader Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/b97afbe8-c9ae-40a2-81e5-b1d7a6b31831",
"name": "https://wpscan.com/vulnerability/b97afbe8-c9ae-40a2-81e5-b1d7a6b31831"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink