VYPR

Mediamatic

by WordPress

CVEs (1)

  • CVE-2021-24848HigDec 13, 2021
    risk 0.57cvss 8.8epss 0.01

    The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPress plugin before 2.8.1, available to any authenticated user, does not sanitise the categoryID parameter before using it in a SQL statement, leading to an SQL injection