CVE-2010-4839

WordPress Event Registration <5.32 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-4839. PoCs published by k3m4n9i, serk.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in the WordPress Event Registration plugin (version 5.32 or lower). The PoC uses a UNION-based SQL injection to extract user credentials from the `wp_users` table.

Description

SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the event_id parameter in a register action.

Exploits (2)

exploitdb WORKING POC VERIFIED
by k3m4n9i · textwebappsphp
https://www.exploit-db.com/exploits/15513

This exploit demonstrates a SQL injection vulnerability in the WordPress Event Registration plugin (version 5.32 or lower). The PoC uses a UNION-based SQL injection to extract user credentials from the `wp_users` table.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: WordPress Event Registration plugin <= 5.32
No auth needed
Prerequisites: Access to the vulnerable WordPress plugin endpoint
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by serk · textwebappsphp
https://www.exploit-db.com/exploits/17814

This exploit demonstrates a SQL injection vulnerability in the WordPress Event Registration plugin (version <= 5.44). It uses a UNION-based SQLi to extract user credentials (username, password hash, and email) from the wp_users table.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: WordPress Event Registration plugin <= 5.44
No auth needed
Prerequisites: Target must have the vulnerable plugin installed and accessible
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42265
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/15513

Scores

EPSS 0.0276
EPSS Percentile 84.6%

Details

CWE
CWE-89
Status published
Products (1)
edgetechweb/event_registration < 5.32
Published Sep 14, 2011
Tracked Since Feb 18, 2026