CVE-2021-24769

CVE-2021-24769: Permalink Manager Lite < 2.2.13.1 - Admin+ SQL Injection

Vendor Unknown

Product Permalink Manager Lite

Weakness CWE-89 · SQLi

Published October 25, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection

Key dates

02Disclosure timeline

October 25, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-24769 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2023-1468 SourceCodester Student Study Center Desk Management System Report sql injection CVE-2023-1908 SourceCodester Simple Mobile Comparison Website GET Parameter view_category.php sql injection CVE-2026-34018 CVE-2026-2158 code-projects Student Web Portal check_user.php sql injection CVE-2025-9928 projectworlds Travel Management System viewcategory.php sql injection