← Back

Spidercatalog

spidercatalog

Vendor: Web Dorado • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24625
1Web Dorado
1Spidercatalog
Nov 21, 2024
Nov 8, 2021
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a...Show more
The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a categoryShow less