Vulnerabilities > CVE-2021-24397 - Unspecified vulnerability in Activemedia Microcopy 1.1.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The edit functionality in the MicroCopy WordPress plugin through 1.1.0 makes a get request to fetch the related option. The id parameter used is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |