cleantalk
Vulnerabilities and Security Researches

WordPress Infinite Scroll – Ajax Load More, CVE-2021-24140

CVE, Research URL

CVE-2021-24140

Home page URL

Security reports for WordPress Infinite Scroll – Ajax Load More

Application

WordPress Infinite Scroll – Ajax Load More

Published on
Mar 18, 2021
Research Description
Unvalidated input in the Ajax Load More WordPress plugin, versions before 5.3.2, lead to SQL Injection in POST /wp-admin/admin-ajax.php with param repeater=' or sleep(5)#&type=test.
Affected versions
Min -, max 2.11.2.
Status
vulnerable
Previous vulnerability researches
WordPress Ajax Load More and Infinite Scroll (CVE-2025-5586) , Jun 15, 2025
Load More Anything (CVE-2024-32110) , Jun 07, 2024
Load More Anything (6b946ad178fdf132c2a039c6c7e104487b2ab9cb) , Jun 07, 2024
Load More Anything (CVE-2024-24704) , Jun 10, 2024
WordPress Infinite Scroll – Ajax Load More (CVE-2025-4775) , Jun 18, 2025
New vulnerability
Table of Contents Plus , Jun 19, 2025
WP Employee Attendance System (CVE-2025-28972) , Jun 18, 2025
Wise Chat (CVE-2025-3774) , Jun 18, 2025
WPAdverts – Classifieds Plugin (CVE-2025-49878) , Jun 18, 2025
Brid Video Easy Publish (CVE-2025-5237) , Jun 18, 2025