Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

CVE-2023-33927: WordPress Multiple Page Generator Plugin – MPG plugin <= 3.3.19 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG multiple-pages-generator-by-porthas allows SQL Injection.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.3.19.

CVE
Open in Source
#sql#vulnerability#wordpress
CVE-2023-35879: WordPress WooCommerce Product Vendors plugin <= 2.1.78 - Shop Manager+ SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WooCommerce Product Vendors allows SQL Injection.This issue affects Product Vendors: from n/a through 2.1.78.

CVE-2023-31212: WordPress Contact Form Entries plugin <= 1.3.0 - Auth. SQL Injection (SQLi) vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Elementor forms: from n/a through 1.3.0.

CVE-2023-36508: WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.1 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress contact-form-to-db allows SQL Injection.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.1.

CVE-2023-24410: WordPress FluentForm plugin <= 4.3.25 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms: from n/a through 4.3.25.

CVE-2023-37966: WordPress User Activity Log plugin <= 1.6.2 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin Infotech User Activity Log user-activity-log allows SQL Injection.This issue affects User Activity Log: from n/a through 1.6.2.

CVE-2023-28777: WordPress LearnDash LMS plugin <= 4.5.3 - Auth. SQL Injection (SQLi) vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LearnDash LearnDash LMS allows SQL Injection.This issue affects LearnDash LMS: from n/a through 4.5.3.

CVE-2023-25047: WordPress RSVPMaker plugin <= 9.9.3 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.

CVE-2023-24000: WordPress GamiPress plugin <= 2.5.7 - Unauthenticated SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GamiPress gamipress allows SQL Injection.This issue affects GamiPress: from n/a through 2.5.7.

CVE-2023-25045: WordPress RSVPMaker plugin <= 9.9.3 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David F. Carr RSVPMaker allows SQL Injection.This issue affects RSVPMaker: from n/a through 9.9.3.