CVE-2021-24384
CVE-2021-24384 affects the JoomSport WordPress plugin prior to 5.1.8. The vulnerability is a PHP object injection in the joomsport_md_load AJAX action, which unserialises input from the shattr POST parameter. It is accessible to unauthenticated users, and while the plugin itself lacks a gadget ch...