{"vulnerability": "CVE-2021-24943", "sightings": [{"uuid": "601a4655-9b3e-474c-a8a4-48c4186942be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24943", "type": "seen", "source": "https://t.me/cibsecurity/33388", "content": "\u203c CVE-2021-24943 \u203c\n\nThe Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and escape the event_id in the rtec_send_unregister_link AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an unauthenticated SQL injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T18:21:01.000000Z"}, {"uuid": "ceaa6845-3e6f-454d-95a6-56e1787d978f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24943", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-10)", "content": "", "creation_timestamp": "2026-03-10T00:00:00.000000Z"}]}