High severity7.2NVD Advisory· Published Jun 14, 2021· Updated Jun 17, 2026
CVE-2021-24348
CVE-2021-24348
Description
The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Side Menu – add fixed side buttonsdescription
Patches
Vulnerability mechanics
References
2- codevigilant.com/disclosure/2021/wp-plugin-side-menu/nvdExploitPatchThird Party Advisory
- wpscan.com/vulnerability/e0ca257e-6e78-4611-a9ad-be43d37cf474nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.