Vulnerability Description
The get_portfolios() and get_portfolio_attributes() functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Portfolio Responsive Gallery WordPress plugin before 1.1.8 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ays-Pro | Portfolio Responsive Gallery | < 1.1.8 |
Related Weaknesses (CWE)
References
- https://wpscan.com/vulnerability/97f4f7da-22a8-42a6-88ac-82e95a6c06ddExploitThird Party Advisory
- https://wpscan.com/vulnerability/97f4f7da-22a8-42a6-88ac-82e95a6c06ddExploitThird Party Advisory
FAQ
What is CVE-2021-24457?
CVE-2021-24457 is a vulnerability with a CVSS score of 8.8 (HIGH). The get_portfolios() and get_portfolio_attributes() functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Por...
How severe is CVE-2021-24457?
CVE-2021-24457 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-24457?
Check the references section above for vendor advisories and patch information. Affected products include: Ays-Pro Portfolio Responsive Gallery.