HomePentest-Tools.com Logo

G Auto-Hyperlink <= 1.0.1 - SQL Injection CVE-2021-24627

Severity
CVSSv3 Score
7.2
Vulnerability description

The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection\n

Risk description

No risk description to display.

Recommendation

We recommend you to upgrade the affected software to the latest version, which mitigates this vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Nov 8, 2021
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available