CVE-2021-24580

CVE-2021-24580: Side Menu Lite < 2.2.6 - Authenticated SQL Injection

Vendor Unknown

Product Side Menu Lite - add sticky fixed buttons

Weakness CWE-89 · SQLi

Published August 30, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Side Menu Lite WordPress plugin before 2.2.6 does not sanitise user input from the List page in the admin dashboard before using it in SQL statement, leading to a SQL Injection issue

Key dates

02Disclosure timeline

August 30, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-24580 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2024-29725 Multiple vulnerabilities in SportsNET CVE-2024-13532 Small Package Quotes – Purolator Edition <= 3.6.4 - Unauthenticated SQL Injection CVE-2024-11965 PHPGurukul Complaint Management system reset-password.php sql injection CVE-2024-50387 SMB Service CVE-2021-24125 Contact Form Submissions < 1.7.1 - Authenticated SQL Injection