Vulnerabilities > CVE-2021-25068 - Unspecified vulnerability in DPL Sync Woocommerce Product Feed to Google Shopping 1.2.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Sync WooCommerce Product feed to Google Shopping WordPress plugin through 1.2.4 uses the 'feed_id' POST parameter which is not properly sanitized for use in a SQL statement, leading to a SQL injection vulnerability in the admin dashboard
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |