High severity8.8NVD Advisory· Published Nov 8, 2021· Updated Jun 17, 2026
CVE-2021-24669
CVE-2021-24669
Description
The MAZ Loader – Preloader Builder for WordPress plugin before 1.3.3 does not validate or escape the loader_id parameter of the mzldr shortcode, which allows users with a role as low as Contributor to perform SQL injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/MAZ Loader – Preloader Builderdescription
- Range: <1.3.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/b97afbe8-c9ae-40a2-81e5-b1d7a6b31831nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.