🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Vulnerabilities protected by our SQL Injection firewall rule

2,716,976

Attacks Blocked in Past 24 Hours

Showing 881-900 of 1,291 Vulnerabilities

Mojoomla School Management System (Unspecified Version) - Authenticated (Student+) SQL Injection

8.8

CVE-2017-14843

Sep 26, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Mojoomla Hospital Management System for WordPress Theme < 22-05-2018 - SQL Injection

8.8

CVE-2017-14846

Sep 26, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

WPGYM - Wordpress Gym Management System (Unknown Version) - SQL Injection

8.8

CVE-2017-14844

Sep 26, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Gallery – Image and Video Gallery with Thumbnails < 1.2.1 - SQL Injection

9.8

CVE-2017-14125

Sep 22, 2017

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

WordPress Core < 4.8.2 - SQL Injection via Mishandled Placeholders

9.8

CVE-2017-14723

Sep 19, 2017

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Active Directory Integration <= 1.1.8 - Authenticated (Admin+) SQL Injection

7.2

CVE ID Unknown

Sep 11, 2017

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

WPHRM - Human Resource Management System < 1.1 - SQL Injection

8.8

CVE-2017-14848

Sep 9, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SQL Shortcode <= 1.1 - SQL Execution

8.8

CVE ID Unknown

Sep 2, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Photo Gallery by 10Web <= 1.3.50 - Authenticated SQL Injection via tag_id Parameter

7.2

CVE-2017-12977

Aug 20, 2017

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Link Library <= 5.9.13.26 – SQL Injection

7.2

CVE ID Unknown

Aug 14, 2017

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Loginizer <= 1.3.5 - Blind SQL Injection

9.8

CVE-2017-12650

Aug 8, 2017

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Easy Modal < 2.1.0 - SQL Injection

7.2

CVE-2017-12947

Aug 7, 2017

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Podlove Podcast Publisher <= 2.5.3 - Authenticated SQL Injection

8.0

CVE-2017-12949

Aug 7, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Easy Modal < 2.1.0 - Authenticated (Admin+) SQL Injection

7.2

CVE-2017-12946

Aug 7, 2017

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

RK Responsive Contact Form <= 1.0.0 - SQL Injection

8.8

CVE-2017-1002027

Aug 5, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Ultimate Product Catalog <= 4.2.22 - SQL Injection

9.8

CVE-2017-12199

Aug 1, 2017

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

WordPress Gallery Transforation < 0.7 - SQL Injection

9.8

CVE-2017-1002028

Jul 22, 2017

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Task Manager Pro <= 1.3.1 - Blind SQL Injection

8.8

CVE ID Unknown

Jul 11, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

IBPS Online Exam Plugin for WordPress <= 1.0 - SQL Injection

8.8

CVE-2017-18602

Jul 11, 2017

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

DSubscribers < 1.2.1 - Authenticated (Admin+) SQL Injection

7.2

CVE ID Unknown

Jul 6, 2017

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Title	CVE ID	CVSS	Vector	Date
Mojoomla School Management System (Unspecified Version) - Authenticated (Student+) SQL Injection	CVE-2017-14843	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	September 26, 2017
Mojoomla Hospital Management System for WordPress Theme < 22-05-2018 - SQL Injection	CVE-2017-14846	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	September 26, 2017
WPGYM - Wordpress Gym Management System (Unknown Version) - SQL Injection	CVE-2017-14844	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	September 26, 2017
Gallery – Image and Video Gallery with Thumbnails < 1.2.1 - SQL Injection	CVE-2017-14125	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	September 22, 2017
WordPress Core < 4.8.2 - SQL Injection via Mishandled Placeholders	CVE-2017-14723	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	September 19, 2017
Active Directory Integration <= 1.1.8 - Authenticated (Admin+) SQL Injection		7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	September 11, 2017
WPHRM - Human Resource Management System < 1.1 - SQL Injection	CVE-2017-14848	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	September 9, 2017
SQL Shortcode <= 1.1 - SQL Execution		8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	September 2, 2017
Photo Gallery by 10Web <= 1.3.50 - Authenticated SQL Injection via tag_id Parameter	CVE-2017-12977	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 20, 2017
Link Library <= 5.9.13.26 – SQL Injection		7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 14, 2017
Loginizer <= 1.3.5 - Blind SQL Injection	CVE-2017-12650	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 8, 2017
Easy Modal < 2.1.0 - SQL Injection	CVE-2017-12947	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 7, 2017
Podlove Podcast Publisher <= 2.5.3 - Authenticated SQL Injection	CVE-2017-12949	8.0	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H	August 7, 2017
Easy Modal < 2.1.0 - Authenticated (Admin+) SQL Injection	CVE-2017-12946	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 7, 2017
RK Responsive Contact Form <= 1.0.0 - SQL Injection	CVE-2017-1002027	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	August 5, 2017
Ultimate Product Catalog <= 4.2.22 - SQL Injection	CVE-2017-12199	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2017
WordPress Gallery Transforation < 0.7 - SQL Injection	CVE-2017-1002028	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 22, 2017
Task Manager Pro <= 1.3.1 - Blind SQL Injection		8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	July 11, 2017
IBPS Online Exam Plugin for WordPress <= 1.0 - SQL Injection	CVE-2017-18602	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	July 11, 2017
DSubscribers < 1.2.1 - Authenticated (Admin+) SQL Injection		7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	July 6, 2017

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation