CyberSec.Space Logo
CVEブラウザに戻る

CVE-2021-25023

HIGH
7.2
CVSS Severity Score
EPSS Score0.1060%
EPSS Percentile41.76th
Published2022年1月3日
Last Modified2024年11月21日

Vulnerability Description

The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.3.3.1 does not escape the sbp_convert_table_name parameter before using it in a SQL statement to convert the related table, leading to an SQL injection

Affected Platforms (CPE)

📦
Optimocha

Speed Booster Pack

< 4.3.3.1

References & Advisories

🔗 https://wpscan.com/vulnerability/4a27d374-f690-4a8a-987a-9e0f56bbe143
🔗 https://wpscan.com/vulnerability/4a27d374-f690-4a8a-987a-9e0f56bbe143

関連する脆弱性情報

CVE-2021-244307.2

The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and ...

CVE-2021-3467910.0

Thycotic Password Reset Server before 5.3.0 allows credential disclosure.

CVE-2021-3384110.0

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject ...

CVE-2021-3011610.0

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offe...