### [CVE-2021-24384](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24384)
![](https://img.shields.io/static/v1?label=Product&message=JoomSport%20%E2%80%93%20for%20Sports%3A%20Team%20%26%20League%2C%20Football%2C%20Hockey%20%26%20more&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=5.1.8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brightgreen)

### Description

The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for both unauthenticated and unauthenticated users, unserialised user input from the shattr POST parameter, leading to a PHP Object Injection issue. Even though the plugin does not have a suitable gadget chain to exploit this, other installed plugins could, which might lead to more severe issues such as RCE

### POC

#### Reference
- https://wpscan.com/vulnerability/fb6c407c-713c-4e83-92ce-4e5f791be696

#### Github
- https://github.com/20142995/nuclei-templates