CVE Published: 08/11/2021 |
CVE Updated: 03/08/2024 |
CVE Year: 2021 Source: WPScan |
Vendor: Unknown |
Product: G Auto-Hyperlink Status : PUBLISHED
CVE-2021-24627 Description
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an \'id\' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection