Vulnerabilities > CVE-2021-24401 - Unspecified vulnerability in Wp-Domain-Redirect Project Wp-Domain-Redirect

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wp-domain-redirect-project

NVD

Published: 2021-09-20

Updated: 2024-11-21

Summary

The Edit domain functionality in the WP Domain Redirect WordPress plugin through 1.0 has an `editid` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.

Vulnerable Configurations

Part	Description	Count
Application	Wp-Domain-Redirect_Project WP Domain Redirect Project WP Domain Redirect *	1

References

https://codevigilant.com/disclosure/2021/wp-plugins-domain-redirect/
https://codevigilant.com/disclosure/2021/wp-plugins-domain-redirect/
https://wpscan.com/vulnerability/f9ae34a9-84c9-4d48-af6a-9e6c786f856e
https://wpscan.com/vulnerability/f9ae34a9-84c9-4d48-af6a-9e6c786f856e