cleantalk
Vulnerabilities and Security Researches

WP Data Access, CVE-2021-24866

CVE, Research URL

CVE-2021-24866

Home page URL

Security reports for WP Data Access

Application

WP Data Access

Published on
Dec 06, 2021
Research Description
The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the backup_date parameter before using it a SQL statement, leading to a SQL injection issue and could allow arbitrary table deletion
Affected versions
max 5.1.4.
Status
vulnerable
Previous vulnerability researches
WP Data Access (CVE-2025-39582) , Apr 18, 2025
WP Data Access (CVE-2024-43295) , Aug 20, 2024
WP Data Access (CVE-2021-24866) , Jun 07, 2024
WP Data Access (CVE-2023-1874) , Jun 07, 2024
WP Data Access (CVE-2024-12428) , Dec 25, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System – Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026