Vendor CVEs
WordPress
All CVEs
32,708 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7567 | Cri | 0.67 | 9.8 | 0.09 | May 1, 2026 | The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, which fails to verify that the 'temp-login-token' GET parameter is a… | ||
| CVE-2026-1830 | Cri | 0.67 | 9.8 | 0.03 | Apr 9, 2026 | The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible… | ||
| CVE-2026-4257 | Cri | 0.67 | 9.8 | 0.41 | Mar 30, 2026 | The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in all versions up to, and including, 1.7.36. This is due to the plugin using the Twig `Twig_Loader_String` template engine without… | ||
| CVE-2025-6389 | Cri | 0.67 | 9.8 | 0.43 | Nov 25, 2025 | The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback() function. This is due to the function accepting user input and then passing that through call_user_func().… | ||
| CVE-2025-8489 | Cri | 0.67 | 9.8 | 0.09 | Oct 31, 2025 | The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in versions 24.12.92 to 51.1.14 . This is due to the plugin not properly restricting the roles that users can register with.… | ||
| CVE-2015-10143 | Cri | 0.67 | 9.8 | 0.02 | Jul 25, 2025 | The Platform theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the *_ajax_save_options() function in all versions up to 1.4.4 (exclusive). This makes it possible for unauthenticated… | ||
| CVE-2015-10137 | Cri | 0.67 | 9.8 | 0.03 | Jul 22, 2025 | The Website Contact Form With File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_file()' function in versions up to, and including, 1.3.4. This makes it possible for unauthenticated attackers to upload… | ||
| CVE-2015-10138 | Cri | 0.67 | 9.8 | 0.02 | Jul 19, 2025 | The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jQuery-File-Upload-9.5.0 server and test files in versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to… | ||
| CVE-2012-10019 | Cri | 0.67 | 9.8 | 0.02 | Jul 19, 2025 | The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which… | ||
| CVE-2020-36849 | Cri | 0.67 | 9.8 | 0.05 | Jul 12, 2025 | The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for… | ||
| CVE-2025-4524 | Cri | 0.67 | 9.8 | 0.09 | May 21, 2025 | The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute… | ||
| CVE-2025-3605 | Cri | 0.67 | 9.8 | 0.06 | May 9, 2025 | The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email… | ||
| CVE-2024-8856 | Cri | 0.67 | 9.8 | 0.94 | Nov 16, 2024 | The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible… | ||
| CVE-2024-9932 | Cri | 0.67 | 9.8 | 0.36 | Oct 26, 2024 | The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary… | ||
| CVE-2024-7094 | Cri | 0.67 | 9.8 | 0.38 | Aug 13, 2024 | The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on… | ||
| CVE-2023-6875 | Cri | 0.67 | 9.8 | 0.90 | Jan 11, 2024 | The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and… | ||
| CVE-2023-4521 | Cri | 0.67 | 9.8 | 0.39 | Sep 25, 2023 | The Import XML and RSS Feeds WordPress plugin before 2.1.5 contains a web shell, allowing unauthenticated attackers to perform RCE. The plugin/vendor was not compromised and the files are the result of running a PoC for a previously reported issue… | ||
| CVE-2023-2986 | Cri | 0.67 | 9.8 | 0.41 | Jun 8, 2023 | The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows… | ||
| CVE-2023-1730 | Cri | 0.67 | 9.8 | 0.41 | May 2, 2023 | The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks | ||
| CVE-2023-28662 | Cri | 0.67 | 9.8 | 0.42 | Mar 22, 2023 | The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action. | ||
| CVE-2022-4681 | Cri | 0.67 | 9.8 | 0.04 | Feb 6, 2023 | The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. | ||
| CVE-2022-4305 | Cri | 0.67 | 9.8 | 0.39 | Jan 23, 2023 | The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session. | ||
| CVE-2023-23488 | Cri | 0.67 | 9.8 | 0.92 | Jan 20, 2023 | The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route. | ||
| CVE-2022-4060 | Cri | 0.67 | 9.8 | 0.43 | Jan 16, 2023 | The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. | ||
| CVE-2022-4297 | Cri | 0.67 | 9.8 | 0.04 | Jan 2, 2023 | The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an unauthenticated SQL injection | ||
| CVE-2022-2840 | Cri | 0.67 | 9.8 | 0.10 | Sep 19, 2022 | The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections | ||
| CVE-2022-2754 | Cri | 0.67 | 9.8 | 0.38 | Sep 19, 2022 | The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks | ||
| CVE-2022-1905 | Cri | 0.67 | 9.8 | 0.37 | Jun 20, 2022 | The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection | ||
| CVE-2022-0773 | Cri | 0.67 | 9.8 | 0.43 | May 2, 2022 | The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users. | ||
| CVE-2022-0888 | Cri | 0.67 | 9.8 | 0.39 | Mar 23, 2022 | The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/includes/ajax/controllers/uploads.php file which can be bypassed making it possible for unauthenticated attackers to… | ||
| CVE-2022-0441 | Cri | 0.67 | 9.8 | 0.85 | Mar 7, 2022 | The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin | ||
| CVE-2021-24442 | Cri | 0.67 | 9.8 | 0.47 | Jul 12, 2021 | The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks | ||
| CVE-2021-24370 | Cri | 0.67 | 9.8 | 0.47 | Jun 21, 2021 | The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution. | ||
| CVE-2021-24284 | Cri | 0.67 | 9.8 | 0.42 | May 14, 2021 | The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as… | ||
| CVE-2021-3120 | Cri | 0.67 | 9.8 | 0.37 | Feb 22, 2021 | An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability,… | ||
| CVE-2020-15363 | Cri | 0.67 | 9.8 | 0.06 | Jun 28, 2020 | The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection. | ||
| CVE-2020-8771 | Cri | 0.67 | 9.8 | 0.46 | Feb 6, 2020 | The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts. | ||
| CVE-2019-14314 | Cri | 0.67 | 9.8 | 0.43 | Aug 27, 2019 | A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package… | ||
| CVE-2019-10866 | Cri | 0.67 | 9.8 | 0.06 | May 23, 2019 | In the Form Maker plugin before 1.13.3 for WordPress, it's possible to achieve SQL injection in the function get_labels_parameters in the file form-maker/admin/models/Submissions_fm.php with a crafted value of the /models/Submissioc parameter. | ||
| CVE-2019-9184 | Cri | 0.67 | 9.8 | 0.09 | Feb 26, 2019 | SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter. | ||
| CVE-2018-17397 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter. | ||
| CVE-2018-17394 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter. | ||
| CVE-2018-17382 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter. | ||
| CVE-2018-17380 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter. | ||
| CVE-2018-17379 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter. | ||
| CVE-2018-17378 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter. | ||
| CVE-2018-17376 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter. | ||
| CVE-2018-17375 | Cri | 0.67 | 9.8 | 0.03 | Sep 28, 2018 | SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter. | ||
| CVE-2018-10969 | Cri | 0.67 | 9.8 | 0.05 | Jun 17, 2018 | SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid. | ||
| CVE-2018-7318 | Cri | 0.67 | 9.8 | 0.09 | Feb 22, 2018 | SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter. |
- risk 0.67cvss 9.8epss 0.09
The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybe_login_temporary_user() function, which fails to verify that the 'temp-login-token' GET parameter is a…
- risk 0.67cvss 9.8epss 0.03
The Quick Playground plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.3.1. This is due to insufficient authorization checks on REST API endpoints that expose a sync code and allow arbitrary file uploads. This makes it possible…
- risk 0.67cvss 9.8epss 0.41
The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in all versions up to, and including, 1.7.36. This is due to the plugin using the Twig `Twig_Loader_String` template engine without…
- risk 0.67cvss 9.8epss 0.43
The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback() function. This is due to the function accepting user input and then passing that through call_user_func().…
- risk 0.67cvss 9.8epss 0.09
The King Addons for Elementor – Free Elements, Widgets, Templates, and Features for Elementor plugin for WordPress is vulnerable to privilege escalation in versions 24.12.92 to 51.1.14 . This is due to the plugin not properly restricting the roles that users can register with.…
- risk 0.67cvss 9.8epss 0.02
The Platform theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the *_ajax_save_options() function in all versions up to 1.4.4 (exclusive). This makes it possible for unauthenticated…
- risk 0.67cvss 9.8epss 0.03
The Website Contact Form With File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_file()' function in versions up to, and including, 1.3.4. This makes it possible for unauthenticated attackers to upload…
- risk 0.67cvss 9.8epss 0.02
The Work The Flow File Upload plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jQuery-File-Upload-9.5.0 server and test files in versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to…
- risk 0.67cvss 9.8epss 0.02
The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which…
- risk 0.67cvss 9.8epss 0.05
The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php file in versions up to, and including, 3.0.3. This makes it possible for…
- risk 0.67cvss 9.8epss 0.09
The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute…
- risk 0.67cvss 9.8epss 0.06
The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.1.1. This is due to the plugin not properly validating a user's identity prior to updating their details like email…
- risk 0.67cvss 9.8epss 0.94
The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the the UploadHandler.php file and no direct file access prevention in all versions up to, and including, 1.22.21. This makes it possible…
- risk 0.67cvss 9.8epss 0.36
The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. This makes it possible for unauthenticated attackers to upload arbitrary…
- risk 0.67cvss 9.8epss 0.38
The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on…
- risk 0.67cvss 9.8epss 0.90
The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a type juggling issue on the connect-app REST endpoint in all versions up to, and…
- risk 0.67cvss 9.8epss 0.39
The Import XML and RSS Feeds WordPress plugin before 2.1.5 contains a web shell, allowing unauthenticated attackers to perform RCE. The plugin/vendor was not compromised and the files are the result of running a PoC for a previously reported issue…
- risk 0.67cvss 9.8epss 0.41
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows…
- risk 0.67cvss 9.8epss 0.41
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks
- risk 0.67cvss 9.8epss 0.42
The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action.
- risk 0.67cvss 9.8epss 0.04
The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
- risk 0.67cvss 9.8epss 0.39
The Login as User or Customer WordPress plugin before 3.3 lacks authorization checks to ensure that users are allowed to log in as another one, which could allow unauthenticated attackers to obtain a valid admin session.
- risk 0.67cvss 9.8epss 0.92
The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route.
- risk 0.67cvss 9.8epss 0.43
The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it.
- risk 0.67cvss 9.8epss 0.04
The WP AutoComplete Search WordPress plugin through 1.0.4 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX available to unauthenticated users, leading to an unauthenticated SQL injection
- risk 0.67cvss 9.8epss 0.10
The Zephyr Project Manager WordPress plugin before 3.2.5 does not sanitise and escape various parameters before using them in SQL statements via various AJAX actions available to both unauthenticated and authenticated users, leading to SQL injections
- risk 0.67cvss 9.8epss 0.38
The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters before using them in SQL statements, which could allow unauthenticated attackers to perform SQL Injection attacks
- risk 0.67cvss 9.8epss 0.37
The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection
- risk 0.67cvss 9.8epss 0.43
The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users.
- risk 0.67cvss 9.8epss 0.39
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/includes/ajax/controllers/uploads.php file which can be bypassed making it possible for unauthenticated attackers to…
- risk 0.67cvss 9.8epss 0.85
The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin
- risk 0.67cvss 9.8epss 0.47
The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks
- risk 0.67cvss 9.8epss 0.47
The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.
- risk 0.67cvss 9.8epss 0.42
The Kaswara Modern VC Addons WordPress plugin through 3.0.1 allows unauthenticated arbitrary file upload via the 'uploadFontIcon' AJAX action. The supplied zipfile being unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as…
- risk 0.67cvss 9.8epss 0.37
An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability,…
- risk 0.67cvss 9.8epss 0.06
The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.
- risk 0.67cvss 9.8epss 0.46
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.
- risk 0.67cvss 9.8epss 0.43
A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.11 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system via modules/nextgen_gallery_display/package…
- risk 0.67cvss 9.8epss 0.06
In the Form Maker plugin before 1.13.3 for WordPress, it's possible to achieve SQL injection in the function get_labels_parameters in the file form-maker/admin/models/Submissions_fm.php with a crafted value of the /models/Submissioc parameter.
- risk 0.67cvss 9.8epss 0.09
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter.
- risk 0.67cvss 9.8epss 0.03
SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter.
- risk 0.67cvss 9.8epss 0.05
SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.
- risk 0.67cvss 9.8epss 0.09
SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter.
Page 3 of 655