Critical severity9.8NVD Advisory· Published Nov 8, 2021· Updated Jun 17, 2026
CVE-2021-24731
CVE-2021-24731
Description
The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user data before using it in a SQL statement in the wp-json/pie/v1/login REST API endpoint, leading to an SQL injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugindescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/6bed00e4-b363-43b8-a392-d068d342151anvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.