Lucene search
PRIOn knowledge basePRION:CVE-2021-24946HistoryDec 13, 2021 - 11:15 a.m.
Sql injection
2021-12-1311:15:00
PRIOn knowledge base
www.prio-n.com
14
0.143 Low
EPSS
Percentile
95.7%
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue
| CPE | Name | Operator | Version |
|---|---|---|---|
| modern_events_calendar_lite | lt | 6.1.5 |
Related
nuclei
nuclei
WordPress Modern Events Calendar <6.1.5 - Blind SQL Injection
2023-01-02 13:01:31
zdt
zdt
metasploit
metasploit
WordPress Modern Events Calendar SQLi Scanner
2022-02-03 00:21:42
packetstorm
packetstorm
WordPress Modern Events Calendar 6.1 SQL Injection
2022-01-27 00:00:00
cvelist
cvelist
patchstack
patchstack
cnvd
cnvd
WordPress Modern Events Calendar Lite PluginSQL Injection Vulnerability
2021-12-18 00:00:00
nvd
nvd
CVE-2021-24946
2021-12-13 11:15:09
wpvulndb
wpvulndb
Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL Injection
2021-11-15 00:00:00
wpexploit
wpexploit
Modern Events Calendar < 6.1.5 - Unauthenticated Blind SQL Injection
2021-11-15 00:00:00
cve
cve
CVE-2021-24946
2021-12-13 11:15:09
exploitdb
exploitdb
openvas
openvas
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2022-03-04 21:52:42