Vulnerabilities > CVE-2021-24314 - Unspecified vulnerability in Boostifythemes Goto 2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Goto WordPress theme before 2.1 did not sanitise, validate of escape the keywords GET parameter from its listing page before using it in a SQL statement, leading to an Unauthenticated SQL injection issue
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
References
- https://m0ze.ru/vulnerability/%5B2021-03-24%5D-%5BWordPress%5D-%5BCWE-89%5D-Goto-WordPress-Theme-v2.0.txt
- https://m0ze.ru/vulnerability/%5B2021-03-24%5D-%5BWordPress%5D-%5BCWE-89%5D-Goto-WordPress-Theme-v2.0.txt
- https://wpscan.com/vulnerability/1cc6dc17-b019-49dd-8149-c8bba165eb30
- https://wpscan.com/vulnerability/1cc6dc17-b019-49dd-8149-c8bba165eb30