CVE-2021-24401

CVE-2021-24401: WP Domain Redirect <= 1.0 - Authenticated SQL Injection

Vendor Unknown
Product WP Domain Redirect
Weakness CWE-89 · SQLi
Published September 20, 2021
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

The Edit domain functionality in the WP Domain Redirect WordPress plugin through 1.0 has an `editid` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

Key dates

02Disclosure timeline

September 20, 2021 CVE published
August 3, 2024 Record updated