Security for everyone

CVE-2021-24731 Scanner

Detects 'SQL Injection (SQLi)' vulnerability in Pie Register plugin for WordPress affects v. before 3.7.1.6.

SCAN NOW

Short Info


Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2021-24731 Scanner Detail

Vulnerability Overview

CVE-2021-24731 represents a significant risk as it allows unauthenticated attackers to perform SQL injections via the affected REST API endpoint, potentially leading to unauthorized access, data leakage, or manipulation.

Vulnerability Details

The vulnerability stems from the plugin's handling of the user_login parameter in the wp-json/pie/v1/login endpoint. By exploiting this flaw, attackers can execute arbitrary SQL commands in the context of the website's database, which could compromise the site's integrity and data security.

Possible Effects

Exploitation of CVE-2021-24731 could result in:

  • Unauthorized access to sensitive database contents.
  • Manipulation or deletion of website data.
  • Disclosure of confidential information, potentially affecting both the site's operators and its users.

Why Choose SecurityForEveryone

SecurityForEveryone provides an all-encompassing approach to securing WordPress websites. By joining our platform, you gain:

  • Advanced scanning tools to detect vulnerabilities like CVE-2021-24731 in real-time.
  • Expert recommendations for vulnerability remediation and prevention.
  • Continuous monitoring to keep your site safeguarded against new and evolving threats. Opt for SecurityForEveryone and elevate your website's security posture today.

References

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture