Vulnerabilities > WEB Dorado > Spidercatalog > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-08 CVE-2021-24625 SQL Injection vulnerability in Web-Dorado Spidercatalog
The SpiderCatalog WordPress plugin through 1.7.3 does not sanitise or escape the 'parent' and 'ordering' parameters from the admin dashboard before using them in a SQL statement, leading to a SQL injection when adding a category
network
low complexity
web-dorado CWE-89
6.5