Vulnerabilities > CVE-2021-24521 - Unspecified vulnerability in Wow-Estore Side Menu

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

wow-estore

NVD

Published: 2021-08-09

Updated: 2024-11-21

Summary

The Side Menu Lite – add sticky fixed buttons WordPress plugin before 2.2.1 does not properly sanitize input values from the browser when building an SQL statement. Users with the administrator role or permission to manage this plugin could perform an SQL Injection attack.

Vulnerable Configurations

Part	Description	Count
Application	Wow-Estore WOW Estore Side Menu 1.0 WOW Estore Side Menu 2.0 WOW Estore Side Menu 2.1 WOW Estore Side Menu 2.1.1 WOW Estore Side Menu 2.2	5

References

https://github.com/pang0lin/CVEproject/blob/main/wordpress_side-menu-lite_sqli.md
https://github.com/pang0lin/CVEproject/blob/main/wordpress_side-menu-lite_sqli.md
https://wpscan.com/vulnerability/eb21ebc5-265c-4378-b2c6-62f6bc2f69cd
https://wpscan.com/vulnerability/eb21ebc5-265c-4378-b2c6-62f6bc2f69cd