CVE-2021-24862-Exploit
Wordpress Plugin RegistrationMagic V 5.0.1.5 - SQL Injection (Authenticated)
CVE description:
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rm_chronos_ajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue.
ExploitDB:
Exploit Description:
- Vendor Homepage: https://registrationmagic.com/
- Software Link: https://downloads.wordpress.org/plugin/custom-registration-form-builder-with-submission-manager.5.0.1.5.zip
- Version: Up to 5.0.1.5
- Tested on Ubuntu 20.04

