Vulnerabilities > CVE-2021-24631 - Unspecified vulnerability in Unlimited Popups Project Unlimited Popups 4.5.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Unlimited PopUps WordPress plugin through 4.5.3 does not sanitise or escape the did GET parameter before using it in a SQL statement, available to users as low as editor, leading to an authenticated SQL Injection
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |