SQL Injection Vulnerability in AccessPress Social Icons Plugin
CVE-2021-24143 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Unvalidated input in the AccessPress Social Icons plugin, versions before 1.8.1, did not sanitise its widget attribute, allowing accounts with post permission, such as author, to perform SQL injections.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.