CVE-2021-24555

Sažetak

The daac_delete_booking_callback function, hooked to the daac_delete_booking AJAX action, takes the id POST parameter which is passed into the SQL statement without proper sanitisation, validation or escaping, leading to a SQL Injection issue. Furthermore, the ajax action is lacking any CSRF and capability check, making it available to any authenticated user.

Reference

https://wpscan.com/vulnerability/8eafd84b-6214-450b-869b-0afe7cca4c5f
https://codevigilant.com/disclosure/2021/wp-plugin-diary-availability-calendar/

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

09-11-2022 - 19:19

Objavljeno

23-08-2021 - 12:15