Vulnerabilities protected by our SQL Injection firewall rule

4,171,926
Attacks Blocked in Past 24 Hours

Showing 1-20 of 1,306 Vulnerabilities

Title CVE ID CVSS Vector Date
Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection CVE-2024-3922 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H June 11, 2024
Blog2Social: Social Media Auto Post & Scheduler <= 7.4.1 - Authenticated (Subscriber+) SQL Injection CVE-2024-3549 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 10, 2024
Music Store - WordPress eCommerce <= 1.1.13 - Authenticated (Admin+) SQL Injection CVE-2024-36082 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H June 10, 2024
Tutor LMS – eLearning and online course solution <= 2.7.1 -Authenticated (Administrator+) SQL Injection CVE-2024-4902 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H June 6, 2024
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress <= 9.0.1 - Authenticated (Contributor+) SQL Injection CVE-2024-3592 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 6, 2024
Visualizer <= 3.11.1 - Authenticated (Subscriber+) SQL Injection CVE-2024-35736 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 6, 2024
Gallery – Image and Video Gallery with Thumbnails <= 2.0.3 - Authenticated (Contributor+) SQL Injection CVE-2024-35750 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 6, 2024
Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress <= 1.7.2 - Authenticated (Author+) SQL Injection CVE-2024-35678 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H June 5, 2024
wpDataTables - Tables & Table Charts (Premium) <= 6.3.1 - Unauthenticated SQL Injection CVE-2024-3820 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H May 31, 2024
wpForo Forum <= 2.3.3 - Authenticated (Contributor+) SQL Injection CVE-2024-3200 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H May 31, 2024
HTML5 Video Player <= 2.5.26 - Unauthenticated SQL Injection CVE-2024-5522 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H May 30, 2024
WP TripAdvisor Review Slider <= 12.6 - Authenticated (Administrator+) SQL Injection CVE-2024-35630 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H May 27, 2024
Web Directory Free <= 1.6.9 - Unauthenticated SQL Injection CVE-2024-3552 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 23, 2024
Search & Replace <= 3.2.1 - Authenticated (Administrator+) SQL injection CVE-2024-4145 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 23, 2024
Unlimited Elements for Elementor <= 1.5.107 - Authenticated (Contributor+) SQL Injection via data[post_ids][0] CVE-2024-4779 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 22, 2024
KKProgressbar2 Free <= 1.1.4.2 - Authenticated (Admin+) SQL Injection CVE-2024-4533 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H May 6, 2024
Shipment Tracking, Tracking, and Order Tracking for WooCommerce – ParcelPanel (Free to install) <= 3.8.2 - Authenticated (Subscriber+) SQL Injection CVE-2024-34412 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H May 6, 2024
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (AccountingManager+) SQL Injection CVE-2024-1173 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 1, 2024
rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Subscriber+) SQL Injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H April 29, 2024
School Management Pro <= 10.3.4 - Authenticated (School Admin+) SQL Injection CVE-2024-33911 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H April 29, 2024

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation