| Vulnerable Component Details | |||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Type | Namespace | Name | Version | Package URL | |||||||||||||||||||
| npm | None | stream | 0.0.2 | pkg:npm/stream@0.0.2?package-id=73b008607c39b546 | |||||||||||||||||||
| Vulnerability Details | |||||||||||||||||||||||
| ID | CVE-2021-24772 | ||||||||||||||||||||||
| Description | The Stream WordPress plugin before 3.8.2 does not sanitise and validate the order GET parameter from the Stream Records admin dashboard before using it in a SQL statement, leading to an SQL injection issue. | ||||||||||||||||||||||
| Ratings |
|
||||||||||||||||||||||
| Found By | Anchore Grype | ||||||||||||||||||||||
| References / Advisories | |||||||||||||||||||||||