CVE-2021-25054

CVE-2021-25054: WPcalc <= 2.1 - Authenticated SQL Injection

Vendor Unknown
Product WPcalc – create any online calculators
Weakness CWE-89 · SQLi
Published January 10, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The WPcalc WordPress plugin through 2.1 does not sanitize user input into the 'did' parameter and uses it in a SQL statement, leading to an authenticated SQL Injection vulnerability.

Key dates

02Disclosure timeline

January 10, 2022 CVE published
August 3, 2024 Record updated