Lucene search
China National Vulnerability DatabaseCNVD-2022-03953HistoryJan 14, 2022 - 12:00 a.m.
WordPress RegistrationMagic plugin SQL injection vulnerability
2022-01-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
wordpress
registrationmagic
sql injection
vulnerability
php
mysql
validation
ajax operation
bulk copy tasks
database data
security
EPSS
0.765
Percentile
98.3%
WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.The WordPress RegistrationMagic plugin was vulnerable to SQL injection before 5.0.1.6, which stems from the lack of validation of external input SQL statements in the rm_chronos_ajax AJAX operation during bulk copy tasks. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
Related
zdt
zdt
WordPress RegistrationMagic V 5.0.1.5 Plugin- SQL Injection Exploit
2022-01-27 00:00:00
packetstorm
packetstorm
WordPress RegistrationMagic V 5.0.1.5 SQL Injection
2022-01-27 00:00:00
Wordpress RegistrationMagic Task_ids Authenticated SQL Injection
2024-09-01 00:00:00
patchstack
patchstack
nuclei
nuclei
WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection
2023-03-18 22:07:09
cvelist
cvelist
CVE-2021-24862 RegistrationMagic < 5.0.1.6 - Admin+ SQL Injection
2022-01-10 15:30:30
cve
cve
CVE-2021-24862
2022-01-10 16:15:08
prion
prion
Sql injection
2022-01-10 16:15:00
exploitdb
exploitdb
WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)
2022-01-27 00:00:00
nvd
nvd
CVE-2021-24862
2022-01-10 16:15:08
metasploit
metasploit
Wordpress RegistrationMagic task_ids Authenticated SQLi
2022-01-30 21:08:06
rapid7blog
rapid7blog
Metasploit Wrap-Up
2022-02-04 19:54:30