High severity7.2NVD Advisory· Published Mar 7, 2022· Updated Jun 17, 2026
CVE-2021-24777
CVE-2021-24777
Description
The view submission functionality in the Hotscot Contact Form WordPress plugin before 1.3 makes a get request with the sub_id parameter which not sanitised, escaped or validated before inserting to a SQL statement, leading to an SQL injection.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Hotscot Contact Form WordPress plugindescription
- Range: <1.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/2dfde2ef-1b33-4dc9-aa3e-02d319effb3anvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.