🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Vulnerabilities protected by our SQL Injection firewall rule

2,610,868

Attacks Blocked in Past 24 Hours

Showing 921-940 of 1,291 Vulnerabilities

Documentor – Create Product Documentation <= 1.5.3 - Unauthenticated SQL Injection

9.8

CVE-2022-0773

Apr 13, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Daily Prayer Time < 2022.03.01 - Unauthenticated SQL Injection

9.8

CVE-2022-0785

Apr 13, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

5 Stars Rating Funnel <= 1.2.53 - Unauthenticated SQL Injection

9.8

CVE-2022-0657

Apr 13, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SEMA API <= 3.64 - SQL Injection

9.8

CVE-2022-0836

Apr 13, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

BadgeOS <= 3.7.0 - Unauthenticated SQL Injection

9.8

CVE-2022-0817

Apr 13, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Users Ultra Membership, Users Community and Member Profiles With PayPal Integration Plugin <= 3.1.0 - Unauthenticated SQL Injection

9.8

CVE-2022-0769

Apr 13, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Contest Gallery – Photo Contest Plugin for WordPress <= 13.1.0.5 - SQL Injection

9.8

CVE-2021-24915

Apr 13, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Master Elements <= 8.0 - Unauthenticated SQL injection

9.8

CVE-2022-0693

Apr 11, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tipsacarrier <= 1.4.4.2 - Unauthenticated SQL Injection

9.8

CVE ID Unknown

Apr 5, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Donations <= 1.8 - Unauthenticated SQL Injection

9.8

CVE-2022-0782

Mar 29, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

WP Block and Stop Bad Bots <= 6.92 - SQL Injection

9.8

CVE-2022-0949

Mar 16, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

WP Block and Stop Bad Bots <= 6.88 - SQL Injection

9.8

CVE-2021-25070

Mar 8, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Popup Builder <= 4.1.0 - SQL Injection

9.8

CVE-2022-0479

Mar 7, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQL Injection

9.8

CVE-2022-0846

Mar 7, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Title Experiments Free <= 9.0.0 - SQL Injection

9.8

CVE-2022-0784

Mar 7, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Limit Login Attempts (Spam Protection) <= 4.9.1 - Unauthenticated SQL Injection

9.8

CVE-2022-0787

Mar 2, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NotificationX <= 2.3.11 - SQL Injection

9.8

CVE ID Unknown

Feb 28, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Advanced Booking Calendar <= 1.6.9 - Unauthenticated SQL Injection

9.8

CVE-2022-0694

Feb 28, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Simple Link Directory <= 7.7.1 - Unauthenticated SQL Injection

9.8

CVE-2022-0760

Feb 28, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Infographic Maker – iList <= 4.3.7 - SQL Injection

9.8

CVE-2022-0747

Feb 28, 2022

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Title	CVE ID	CVSS	Vector	Date
Documentor – Create Product Documentation <= 1.5.3 - Unauthenticated SQL Injection	CVE-2022-0773	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 13, 2022
Daily Prayer Time < 2022.03.01 - Unauthenticated SQL Injection	CVE-2022-0785	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 13, 2022
5 Stars Rating Funnel <= 1.2.53 - Unauthenticated SQL Injection	CVE-2022-0657	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 13, 2022
SEMA API <= 3.64 - SQL Injection	CVE-2022-0836	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 13, 2022
BadgeOS <= 3.7.0 - Unauthenticated SQL Injection	CVE-2022-0817	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 13, 2022
Users Ultra Membership, Users Community and Member Profiles With PayPal Integration Plugin <= 3.1.0 - Unauthenticated SQL Injection	CVE-2022-0769	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 13, 2022
Contest Gallery – Photo Contest Plugin for WordPress <= 13.1.0.5 - SQL Injection	CVE-2021-24915	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 13, 2022
Master Elements <= 8.0 - Unauthenticated SQL injection	CVE-2022-0693	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 11, 2022
Tipsacarrier <= 1.4.4.2 - Unauthenticated SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 5, 2022
Donations <= 1.8 - Unauthenticated SQL Injection	CVE-2022-0782	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 29, 2022
WP Block and Stop Bad Bots <= 6.92 - SQL Injection	CVE-2022-0949	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 16, 2022
WP Block and Stop Bad Bots <= 6.88 - SQL Injection	CVE-2021-25070	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 8, 2022
Popup Builder <= 4.1.0 - SQL Injection	CVE-2022-0479	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 7, 2022
SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQL Injection	CVE-2022-0846	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 7, 2022
Title Experiments Free <= 9.0.0 - SQL Injection	CVE-2022-0784	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 7, 2022
Limit Login Attempts (Spam Protection) <= 4.9.1 - Unauthenticated SQL Injection	CVE-2022-0787	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 2, 2022
NotificationX <= 2.3.11 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 28, 2022
Advanced Booking Calendar <= 1.6.9 - Unauthenticated SQL Injection	CVE-2022-0694	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 28, 2022
Simple Link Directory <= 7.7.1 - Unauthenticated SQL Injection	CVE-2022-0760	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 28, 2022
Infographic Maker – iList <= 4.3.7 - SQL Injection	CVE-2022-0747	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 28, 2022

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation