CVE-2021-25007

CVE-2021-25007: MOLIE <= 0.5 - Authenticated SQL Injection

Vendor Unknown

Product MOLIE – Instructure Canvas Linking tool

Weakness CWE-89 · SQLi

Published March 14, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The MOLIE WordPress plugin through 0.5 does not validate and escape a post parameter before using in a SQL statement, leading to an SQL Injection

Key dates

02Disclosure timeline

March 14, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-25007

Related vulnerabilities

04Related CVE

CVE-2018-25205 ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter CVE-2025-14245 IdeaCMS Coupon.php whereRaw sql injection CVE-2021-24336 FlightLog <= 3.0.2 - Authenticated (editor+) SQL Injection CVE-2023-1480 SourceCodester Monitoring of Students Cyber Accounts System POST Parameter login.php sql injection CVE-2024-21793 BIG-IP Central Manager OData Injection Vulnerability