Vulnerabilities > Wpagecontact Project

DATE CVE VULNERABILITY TITLE RISK
2021-09-20 CVE-2021-24403 SQL Injection vulnerability in Wpagecontact Project Wpagecontact
The Orders functionality in the WordPress Page Contact plugin through 1.0 has an order_id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
network
low complexity
wpagecontact-project CWE-89
6.5