Vulnerabilities > WEB Dorado > Spidercatalog
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-08 | CVE-2021-24625 | SQL Injection vulnerability in Web-Dorado Spidercatalog The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category | 6.5 |