CVE-2021-24521

Name of the Vulnerable Software and Affected Versions The Side Menu Lite – add sticky fixed buttons WordPress plugin versions prior to 2.2.1

Description The issue concerns the improper sanitization of input values from the browser when building an SQL statement, potentially allowing an SQL Injection attack. Users with the administrator role or permission to manage this plugin could exploit this.

Recommendations For versions prior to 2.2.1, update to version 2.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the plugin's management interface to minimize the risk of exploitation.