Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-24143

Disclosure Date: March 18, 2021 (last updated November 28, 2024)
Unvalidated input in the AccessPress Social Icons plugin, versions before 1.8.1, did not sanitise its widget attribute, allowing accounts with post permission, such as author, to perform SQL injections.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0