Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-20	CVE-2021-24402	SQL Injection vulnerability in Solvercircle WP Icommerce 1.1.1 The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an `order_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. network low complexity solvercircle CWE-89	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.