Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes.This issue affects Recipe Maker For Your Food Blog from Zip Recipes: from n/a through 8.1.0.
Max CVSS
8.1
EPSS Score
0.05%
Published
2023-12-31
Updated
2024-01-08
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form LITE – Drag & Drop Contact Form Builder for WordPress: from n/a through 1.9.170.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-29
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through 4.0.2.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-31
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhileTrue Most And Least Read Posts Widget.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.16.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-12-31
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jewel Theme WP Adminify.This issue affects WP Adminify: from n/a through 3.1.6.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-31
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-31
Updated
2024-01-05
SteVe Community ocpp-jaxb before 0.0.8 generates invalid timestamps such as ones with month 00 in certain situations (such as when an application receives a StartTransaction Open Charge Point Protocol message with a timestamp parameter of 1000000). This may lead to a SQL exception in applications, and may undermine the integrity of transaction records.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-12-26
Updated
2024-01-04
Lychee is a free photo-management tool. Prior to 5.0.2, Lychee is vulnerable to an SQL injection on any binding when using mysql/mariadb. This injection is only active for users with the `.env` settings set to DB_LOG_SQL=true and DB_LOG_SQL_EXPLAIN=true. The defaults settings of Lychee are safe. The patch is provided on version 5.0.2. To work around this issue, disable SQL EXPLAIN logging.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-28
Updated
2024-01-04
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPManageNinja LLC Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin.This issue affects Fluent Support – WordPress Helpdesk and Customer Support Ticket Plugin: from n/a through 1.7.6.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-31
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mestres do WP Checkout Mestres WP.This issue affects Checkout Mestres WP: from n/a through 7.1.9.6.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-31
Updated
2024-01-05
Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint `‘/cacti/managers.php’` with an SQLi payload in the `‘selected_graphs_array’` HTTP GET parameter. As of time of publication, no patched versions exist.
Max CVSS
8.8
EPSS Score
0.07%
Published
2023-12-22
Updated
2023-12-29
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition: from n/a through 3.05.0.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-31
Updated
2024-01-05
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-21
Updated
2023-12-29
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-21
Updated
2023-12-29
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-21
Updated
2023-12-27
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-21
Updated
2023-12-27
S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-12-21
Updated
2023-12-27
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit.This issue affects Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit: from n/a through 2.6.1.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-04
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits.This issue affects Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels & Maximize Profits: from n/a through 2.14.3.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-04
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sam Perrow Pre* Party Resource Hints.This issue affects Pre* Party Resource Hints: from n/a through 1.8.18.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Squirrly Squirrly SEO - Advanced Pack.This issue affects Squirrly SEO - Advanced Pack: from n/a through 2.3.8.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms.This issue affects Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms: from n/a through 1.75.0.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Booking Calendar | Appointment Booking | BookIt.This issue affects Booking Calendar | Appointment Booking | BookIt: from n/a through 2.4.3.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-05
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in N Squared Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin.This issue affects Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin: from n/a before 1.6.6.1.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-04
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E2Pdf.Com E2Pdf – Export To Pdf Tool for WordPress.This issue affects E2Pdf – Export To Pdf Tool for WordPress: from n/a through 1.20.23.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-12-28
Updated
2024-01-05
2159 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!