cleantalk
Vulnerabilities and Security Researches

Header Footer Code Manager, CVE-2021-24791

CVE, Research URL

CVE-2021-24791

Home page URL

Security reports for Header Footer Code Manager

Application

Header Footer Code Manager

Published on
Nov 08, 2021
Research Description
The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the "orderby" and "order" request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections
Affected versions
Min -, max 1.1.14.
Status
vulnerable
Previous vulnerability researches
Header Footer Code Manager , May 20, 2025
Header Footer Code Manager (CVE-2023-39989) , Jun 07, 2024
Header Footer Code Manager (CVE-2022-0710) , Jun 07, 2024
Header Footer Code Manager (CVE-2021-24791) , Jun 07, 2024
Header Footer Code Manager (CVE-2022-0899) , Jun 07, 2024
New vulnerability
Falang multilanguage for WordPress (CVE-2025-48285) , Jun 15, 2025
Social Sharing Plugin – Sassy Social Share (CVE-2025-5528) , Jun 15, 2025
PSW – Login and registration (CVE-2025-4607) , Jun 15, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2024-9994) , Jun 15, 2025
Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders (CVE-2024-9993) , Jun 15, 2025