CVE-2021-26754 - CERT CVE

  1. CVE-2021-26754

ID CVE-2021-26754
Sažetak wpDataTables before 3.4.1 mishandles order direction for server-side tables, aka admin-ajax.php?action=get_wdtable order[0][dir] SQL injection.
Reference
CVSS
Base: 10.0
Impact: 10.0
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE COMPLETE COMPLETE
CVSS vektor AV:N/AC:L/Au:N/C:C/I:C/A:C
Zadnje važnije ažuriranje 09-02-2021 - 14:48
Objavljeno 08-02-2021 - 00:15