CVE-2021-4458 | Modern Events Calendar Lite Plugin up to 6.3.0 on WordPress wp_ajax_mec_load_single_page ID sql injection

Inserito da Angelo Barbosa | Lug 12, 2025 | CVE

A vulnerability was found in Modern Events Calendar Lite Plugin up to 6.3.0 on WordPress. It has been classified as critical. Affected is the function wp_ajax_mec_load_single_page. The manipulation of the argument ID leads to sql injection.

This vulnerability is traded as CVE-2021-4458. It is possible to launch the attack remotely. There is no exploit available.

CVE-2021-4458 | Modern Events Calendar Lite Plugin up to 6.3.0 on WordPress wp_ajax_mec_load_single_page ID sql injection

Post correlati

CVE-2024-42392 | Cesanta Mongoose Web Server up to 7.14 delimiters

CVE-2024-31142 | Xen BTC SRSO Mitigation Privilege Escalation (XSA-455)

CVE-2024-32972 | go-ethereum up to 1.13.14 p2p Message resource consumption (GHSA-4xc9-8hmq-j652)

CVE-2024-30526 | Easy Social Feed Plugin up to 6.5.6 on WordPress cross-site request forgery