CVE-2021-24451

CVE-2021-24451: Export Users With Meta < 0.6.5 - Authenticated SQL Injection

Vendor Unknown
Product Export Users With Meta
Weakness CWE-89 · SQLi
Published July 6, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to an authenticated SQL Injection.

Key dates

02Disclosure timeline

July 6, 2021 CVE published
August 3, 2024 Record updated