Unrated severityNVD Advisory· Published Sep 13, 2021· Updated Aug 3, 2024

Block and Stop Bad Bots < 6.60 - Authenticated SQL Injections

CVE-2021-24727

Description

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections

Affected products

WordPress/Stopbadbotsinferred
Range: <6.60
Package: https://wordpress.org/plugins/stopbadbots

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

plugins.trac.wordpress.org/changeset/2576276/mitrex_refsource_CONFIRM
wpscan.com/vulnerability/ffa1f718-f2c5-48ef-8eea-33a18a628a2cmitrex_refsource_MISC
www.trustwave.com/en-us/resources/security-resources/security-advisories/mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000