# Exploit Title: WordPress Plugin Modern Events Calendar V 6.1 - SQL Injection (Unauthenticated)
# Date 26.01.2022
# Exploit Author: Ron Jost (Hacker5preme)
# Vendor Homepage: https://webnus.net/modern-events-calendar/
# Software Link: https://downloads.wordpress.org/plugin/modern-events-calendar-lite.6.1.0.zip
# Version: <= 6.1
# Tested on: Ubuntu 20.04
# CVE: CVE-2021-24946
# CWE: CWE-89
# Documentation: https://github.com/Hacker5preme/Exploits/blob/main/Wordpress/CVE-2021-24946/README.md
'''
Description:
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter
before using it in a SQL statement in the mec_load_single_page AJAX action, available to unauthenticated users,
leading to an unauthenticated SQL injection issue
'''
#Banner:
banner = '''
.oOOOo. o 'O o.OOoOoo
.O o O o O .oOOo. .oOOo. .oOOo. oO .oOOo. o O .oOOo. o O .oOOo.
o o O o O O o O O O O o O o O o O
o o o ooOO o o O o o o o o o O o o o
o O O' O ooooooooo O' o o O' O ooooooooo O' OooOOo `OooOo OooOOo OoOOo.
O `o o o O O O O o O O O O O O
`o .o `o O O .O o O .O O .O o o o O o
`OoooO' `o' ooOooOoO oOoOoO `OooO' oOoOoO OooOO oOoOoO O `OooO' O `OooO'
[+] Modern Events Calendar Lite SQL-Injection
[@] Developed by Ron Jost (Hacker5preme)
'''
print(banner)
import requests
import argparse
from datetime import datetime
import os