Skip to main content

M Vslider

1 CVEs product

Monthly

CVE-2021-24557 HIGH POC This Week

The update functionality in the rslider_page uses an rs_id POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi M Vslider
NVD WPScan
CVSS 3.1
7.2
EPSS
1.5%
EPSS 2% CVSS 7.2
HIGH POC This Week

The update functionality in the rslider_page uses an rs_id POST parameter which is not validated, sanitised or escaped before being inserted in sql query, therefore leading to SQL injection for users. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi M Vslider
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy