Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2021-24862
HistoryJan 10, 2022 - 3:30 p.m.

CVE-2021-24862 RegistrationMagic < 5.0.1.6 - Admin+ SQL Injection

2022-01-1015:30:30
CWE-89
WPScan
www.cve.org
6
wordpress
sql injection
registrationmagic

EPSS

0.765

Percentile

98.3%

JSON

The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue

CNA Affected

[
  {
    "product": "RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "5.0.1.6",
        "status": "affected",
        "version": "5.0.1.6",
        "versionType": "custom"
      }
    ]
  }
]

Related

zdt 1
cnvd 1
packetstorm 2
patchstack 1
nuclei 1
cve 1
prion 1
exploitdb 1
nvd 1
metasploit 1
rapid7blog 1
zdt
zdt
WordPress RegistrationMagic V 5.0.1.5 Plugin- SQL Injection Exploit
2022-01-27 00:00:00
cnvd
cnvd
WordPress RegistrationMagic plugin SQL injection vulnerability
2022-01-14 00:00:00
packetstorm
packetstorm
WordPress RegistrationMagic V 5.0.1.5 SQL Injection
2022-01-27 00:00:00
Wordpress RegistrationMagic Task_ids Authenticated SQL Injection
2024-09-01 00:00:00
patchstack
patchstack
WordPress RegistrationMagic plugin <= 5.0.1.5 - SQL Injection (SQLi) vulnerability
2021-12-08 00:00:00
nuclei
nuclei
WordPress RegistrationMagic <5.0.1.6 - Authenticated SQL Injection
2023-03-18 22:07:09
cve
cve
CVE-2021-24862
2022-01-10 16:15:08
prion
prion
Sql injection
2022-01-10 16:15:00
exploitdb
exploitdb
WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)
2022-01-27 00:00:00
nvd
nvd
CVE-2021-24862
2022-01-10 16:15:08
metasploit
metasploit
Wordpress RegistrationMagic task_ids Authenticated SQLi
2022-01-30 21:08:06
rapid7blog
rapid7blog
Metasploit Wrap-Up
2022-02-04 19:54:30

EPSS

0.765

Percentile

98.3%

JSON
Related for CVELIST:CVE-2021-24862
zdt1cnvd1packetstorm2patchstack1nuclei1cve1prion1exploitdb1nvd1metasploit1rapid7blog1