CVE-2021-24149

Unvalidated input in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.6, did not sanitise the mecpostid POST parameter in the mecfesform AJAX action when logged in as an author+, leading to an authenticated SQL Injection issue...

WSN Classifieds 6.2.12/6.2.18 - Multiple Vulnerabilities

Exploit Title: WSN Classifieds v.6.2.12 & 6.2.18 Multiple Vulnerabilities Script Page : http://www.wsnclassifieds.com Date: 1-12-2011 Author : RandomStorm - http://www.randomstorm.com Avram Marius Gabriel d3v1l Tested on: Windows XP & Vista IE9 - Firefox 8.0 Note: Redirect and Html Injection can ...