Security for everyone

CVE-2021-24285 Scanner

Detects 'SQL Injection' vulnerability in Car Seller Auto Classifieds Script affects v. through 2.1.0.


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2021-24285 Scanner Detail

Car Seller Auto Classifieds Script is a WordPress plugin that enables site owners to create a platform where they can sell automobiles. The plugin is designed to be user-friendly, intuitive, and easy to use. It comes with a range of features, including the ability to create custom categories, add custom fields, and set up a search filter.

Unfortunately, the plugin has been found to contain a critical vulnerability. CVE-2021-24285 is a SQL injection vulnerability that exists in the request_list_request AJAX call of the plugin. This vulnerability is present in both authenticated and unauthenticated contexts, and it arises because the plugin does not validate, sanitize or escape the order_id POST parameter before using it in a SQL statement.

When exploited, this vulnerability can allow an attacker to execute arbitrary SQL queries. This can lead to data leakage, data manipulation, and full system compromise. An attacker can steal sensitive information, compromise user accounts, and even take control of the entire WordPress installation, compromising the entire website.

At, we provide users with the tools they need to stay on top of their website's security. With our pro features, users can quickly and easily learn about vulnerabilities in their digital assets. We offer comprehensive vulnerability scanning and reporting to help our clients stay ahead of the game. With, you can be confident that your website is secure and protected from malicious attacks.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture