CVE-2021-24731 Scanner
Detects 'SQL Injection (SQLi)' vulnerability in Pie Register plugin for WordPress affects v. before 3.7.1.6.
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
4 weeks
Scan only one
Domain, IPv4
Toolbox
-
Vulnerability Overview
CVE-2021-24731 represents a significant risk as it allows unauthenticated attackers to perform SQL injections via the affected REST API endpoint, potentially leading to unauthorized access, data leakage, or manipulation.
Vulnerability Details
The vulnerability stems from the plugin's handling of the user_login
parameter in the wp-json/pie/v1/login
endpoint. By exploiting this flaw, attackers can execute arbitrary SQL commands in the context of the website's database, which could compromise the site's integrity and data security.
Possible Effects
Exploitation of CVE-2021-24731 could result in:
- Unauthorized access to sensitive database contents.
- Manipulation or deletion of website data.
- Disclosure of confidential information, potentially affecting both the site's operators and its users.
Why Choose S4E
S4E provides an all-encompassing approach to securing WordPress websites. By joining our platform, you gain:
- Advanced scanning tools to detect vulnerabilities like CVE-2021-24731 in real-time.
- Expert recommendations for vulnerability remediation and prevention.
- Continuous monitoring to keep your site safeguarded against new and evolving threats. Opt for S4E and elevate your website's security posture today.