CVE-2017-1002028 CVSS:7.5
Vulnerability in wordpress plugin wordpress-gallery-transformation v1.0, SQL injection is in ./wordpress-gallery-transformation/gallery.php via $jpic parameter being unsanitized before being passed into an SQL query. (Last Update:2017-09-20) (Publish Update:2017-09-14)
CVE-2017-1002027 CVSS:7.5
Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rk_user_list.php. (Last Update:2017-09-20) (Publish Update:2017-09-14)
CVE-2017-1002026 CVSS:6.5
Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement. (Last Update:2017-09-20) (Publish Update:2017-09-14)
CVE-2017-1002025 CVSS:6.5
Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement. (Last Update:2017-09-21) (Publish Update:2017-09-14)
CVE-2017-1002023 CVSS:7.5
Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php (Last Update:2017-09-21) (Publish Update:2017-09-14)
CVE-2017-1002022 CVSS:7.5
Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query. (Last Update:2017-09-18) (Publish Update:2017-09-14)
CVE-2017-1002021 CVSS:7.5
Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query. (Last Update:2017-09-18) (Publish Update:2017-09-14)
CVE-2017-1002020 CVSS:7.5
Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query. (Last Update:2017-09-19) (Publish Update:2017-09-14)
CVE-2017-1002019 CVSS:7.5
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter. (Last Update:2017-09-18) (Publish Update:2017-09-14)
CVE-2017-1002018 CVSS:7.5
Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter. (Last Update:2017-09-18) (Publish Update:2017-09-14)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com