Vulnerabilities > Ayecode

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-21	CVE-2021-24361	SQL Injection vulnerability in Ayecode Location Manager In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gd_popular_location_list did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues. network low complexity ayecode CWE-89 critical	9.8
2021-06-21	CVE-2021-24369	Cross-site Scripting vulnerability in Ayecode Getpaid In the GetPaid WordPress plugin before 2.3.4, users with the contributor role and above can create a new Payment Form, however the Label and Help Text input fields were not getting sanitized properly. network low complexity ayecode CWE-79	5.4

Vulnerabilities > Ayecode {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ayecode"}]}