cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-24402,https://securityvulnerability.io/vulnerability/CVE-2021-24402,WP iCommerce <= 1.1.1 - Authenticated (contributor+) SQL Injection,"The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an `order_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors",Wordpress,WP Icommerce – The First Interactive Ecommerce For WordPress,7.2,HIGH,0.0015399999683722854,false,,false,false,false,,false,false,2021-09-20T10:06:08.000Z,0