Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

CVE-2023-27605: WordPress WP Reroute Email plugin <= 1.4.6 - Auth. SQL Injection (SQLi) vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sajjad Hossain WP Reroute Email allows SQL Injection.This issue affects WP Reroute Email: from n/a through 1.4.6.

CVE
Open in Source
#sql#vulnerability#wordpress#auth
CVE-2023-40207: WordPress Donations Made Easy – Smart Donations plugin <= 4.0.12 - SQL Injection - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RedNao Donations Made Easy – Smart Donations allows SQL Injection.This issue affects Donations Made Easy – Smart Donations: from n/a through 4.0.12.

CVE-2023-38382: WordPress Subscribe to Category plugin <= 2.7.4 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4.

CVE-2023-45001: WordPress Seriously Simple Stats plugin <= 1.5.0 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Castos Seriously Simple Stats allows SQL Injection.This issue affects Seriously Simple Stats: from n/a through 1.5.0.

CVE-2023-41685: WordPress Woocommerce Support System plugin <= 1.2.1 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ilGhera Woocommerce Support System allows SQL Injection.This issue affects Woocommerce Support System: from n/a through 1.2.1.

CVE-2023-40609: WordPress Contact form 7 Custom validation plugin <= 1.1.3 - Unauth. SQL Injection (SQLi) vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aiyaz, maheshpatel Contact form 7 Custom validation allows SQL Injection.This issue affects Contact form 7 Custom validation: from n/a through 1.1.3.

CVE-2023-45046: WordPress Pressference Exporter plugin <= 1.0.3 - SQL Injection vulnerability - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressference Pressference Exporter allows SQL Injection.This issue affects Pressference Exporter: from n/a through 1.0.3.

CVE-2022-47430: WordPress The School Management plugin <= 4.1 - SQL Injection - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar The School Management – Education & Learning Management allows SQL Injection.This issue affects The School Management – Education & Learning Management: from n/a through 4.1.

CVE-2022-47432: WordPress Shortcode IMDB plugin <= 6.0.8 - SQL Injection - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kemal YAZICI - PluginPress Shortcode IMDB allows SQL Injection.This issue affects Shortcode IMDB: from n/a through 6.0.8.

CVE-2022-47428: WordPress Booking calendar, Appointment Booking System plugin <= 3.2.7 - SQL Injection - Patchstack

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7.