Medium severity6.5NVD Advisory· Published Jun 14, 2021· Updated Jun 17, 2026
CVE-2021-24360
CVE-2021-24360
Description
The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users (contributor+) to perform Blind SQL Injection attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Yes/No Chartdescription
- Range: <1.0.12
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d9586453-cc5c-4d26-bb45-a6370c9427fenvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.