CVE-2021-24727

CVE-2021-24727: Block and Stop Bad Bots < 6.60 - Authenticated SQL Injections

Vendor Unknown
Product WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots
Weakness CWE-89 · SQLi
Published September 13, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections

Key dates

02Disclosure timeline

September 13, 2021 CVE published
August 3, 2024 Record updated