Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.8 views

CVE-2021-24862

The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rmchronosajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue...

7.2CVSS7.4AI score0.73293EPSS
Exploits6References1
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.191 views

Wordpress RegistrationMagic Task_ids Authenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress RegistrationMagic taskids Authenticated SQLi', 'Description' = %q RegistrationMagic, a WordPress plugin, prior to 5.0.1.5 is affected b...

7.2CVSS7AI score0.73293EPSS
Exploits6
Rapid7 Blog
Rapid7 Blog
added 2022/02/04 7:54 p.m.49 views

Metasploit Wrap-Up

Wordpress Exploitation Returns What's life without a little WordPress exploitation? Courtesy of Hacker5preme aka Ron Jost and h00die, we now have an exploit for CVE-2021-24862, a bug in the RestorationMagic WordPress plugin prior to 5.0.1.6 whereby user input was not properly escaped in the...

7.5CVSS0.5AI score0.73293EPSS
Exploits13
Packet Storm
Packet Storm
added 2022/01/27 12:0 a.m.217 views

WordPress RegistrationMagic V 5.0.1.5 SQL Injection

Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...

7.2CVSS0.4AI score0.73293EPSS
Exploits6
Exploit DB
Exploit DB
added 2022/01/27 12:0 a.m.321 views

WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)

Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...

7.2CVSS7.2AI score0.73293EPSS
Exploits6
0day.today
0day.today
added 2022/01/27 12:0 a.m.226 views

WordPress RegistrationMagic V 5.0.1.5 Plugin- SQL Injection Exploit

Exploit Title: WordPress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection Authenticated Date 23.01.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://registrationmagic.com/ Software Link:...

7.2CVSS0.3AI score0.73293EPSS
Exploits6
Circl
Circl
added 2022/01/10 6:15 p.m.16 views

CVE-2021-24862

creationtimestamp| type| source ---|---|--- 2022-01-10 18:15:08+00:00| seen| https://t.me/cibsecurity/35191 2022-02-02 16:09:06+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wpregistrationmagicsqli.rb 2025-02-06 03:13:45+00:00| seen|...

7.2CVSS7.5AI score0.73293EPSS
Exploits6References2
CVE
CVE
added 2022/01/10 3:30 p.m.95 views

CVE-2021-24862

CVE-2021-24862 affects WordPress plugin RegistrationMagic prior to 5.0.1.6. The vulnerability arises from the rm_chronos_ajax action not escaping user input before inserting it into a SQL statement during batch duplication of tasks, enabling authenticated SQL injection. Impact per linked docs inc...

7.2CVSS7.3AI score0.73293EPSS
Exploits6References3Affected Software1
Rows per page
Query Builder