Unrated severityNVD Advisory· Published Nov 17, 2021· Updated Aug 3, 2024
Stream < 3.8.2 - Admin+ SQL Injection
CVE-2021-24772
Description
The Stream WordPress plugin before 3.8.2 does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2615811/streammitrex_refsource_CONFIRM
- wpscan.com/vulnerability/b9d4f2ad-2f12-4822-817d-982a016af85dmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.