Lucene search
K

4 matches found

Circl
Circl
added 2026/03/12 9:2 p.m.5 views

CVE-2021-4458

creationtimestamp| type| source ---|---|--- 2026-03-12 21:02:32+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mgvcd32rie2h 2026-06-06 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2026-06-06 2026-06-19 12:45:09+00:00| exploited|...

9.8CVSS5.7AI score0.00354EPSS
In wildExploits0References4
Patchstack
Patchstack
added 2025/07/14 8:58 p.m.7 views

WordPress Modern Events Calendar Lite plugin <= 6.3.0 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by WordFence in WordPress Plugin Modern Events Calendar Lite versions = 6.3.0...

9.8CVSS7.8AI score0.00354EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/07/12 11:23 a.m.10 views

CVE-2021-4458 Modern Events Calendar Lite <= 6.3.0 - Unauthenticated SQL Injection

The Modern Events Calendar Lite plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'wpajaxmecloadsinglepage' AJAX action in all versions up to, and including, 6.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

5.9CVSS0.00354EPSS
Exploits0References2
CVE
CVE
added 2025/07/12 11:23 a.m.25 views

CVE-2021-4458

The CVE-2021-4458 issue affects the WordPress plugin Modern Events Calendar Lite, version range up to 6.3.0. It is caused by insufficient escaping of the id parameter in the wp_ajax_mec_load_single_page AJAX action, enabling unauthenticated SQL Injection when addslashes is disabled. The vulnerabi...

9.8CVSS7.2AI score0.00354EPSS
In wildExploits0References2Affected Software1
Rows per page
Query Builder