Exploitation Summary
EIP tracks 2 public exploits for CVE-2010-4839. PoCs published by k3m4n9i, serk.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in the WordPress Event Registration plugin (version 5.32 or lower). The PoC uses a UNION-based SQL injection to extract user credentials from the `wp_users` table.
Description
SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the event_id parameter in a register action.
Exploits (2)
This exploit demonstrates a SQL injection vulnerability in the WordPress Event Registration plugin (version 5.32 or lower). The PoC uses a UNION-based SQL injection to extract user credentials from the `wp_users` table.
This exploit demonstrates a SQL injection vulnerability in the WordPress Event Registration plugin (version <= 5.44). It uses a UNION-based SQLi to extract user credentials (username, password hash, and email) from the wp_users table.