WordPress Plugin Vulnerabilities

Slider Hero < 8.2.7 - Contributor+ SQL Injection

Description

The plugin does not sanitise or escape the id attribute of its hero-button shortcode before using it in a SQL statement, allowing users with a role as low as Contributor to perform SQL injection.

Proof of Concept

Affects Plugins

Plugin icon
slider-hero
Fixed in 8.2.7

References

CVE
CVE-2021-24506

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
9.6 (critical)

Miscellaneous

Original Researcher
apple502j
Submitter
apple502j
Verified
Yes
WPVDB ID
52c8755c-46b9-4383-8c8d-8816f03456b0

Timeline

Publicly Published
2021-07-26 (about 4 years ago)
Added
2021-07-26 (about 4 years ago)
Last Updated
2022-02-24 (about 3 years ago)

Other

Published
Title
Published
2025-01-03
Title
Hero Mega Menu - Responsive WordPress Menu Plugin <= 1.16.5 - Authenticated (Subscriber+) SQL Injection
Published
2016-10-06
Title
Zotpress < 6.1.3 - SQL Injection
Published
2025-03-24
Title
Shuffle <= 0.5 - Authenticated (Subscriber+) SQL Injection
Published
2023-01-31
Title
GeoDirectory < 2.2.24 - Admin+ SQLi
Published
2017-05-21
Title
Surveys 1.01.8 - Authenticated SQL Injection