Wordfence Intelligence

Title	CVE ID	CVSS	Vector	Date
Album and Image Gallery with Lightbox – Flagallery Photo Portfolio <= 0.59 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
Axact Author List Widget < 3.0.0 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
Mingle Forum <= 1.0.32.1 - SQL Injection	CVE-2012-5328	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
WordPress Automatic Plugin <= 2.0.3 - Cross-Site Request Forgery to SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
G-Lock Double Opt-in Manager <= 2.6.5 - SQL Injection		8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
Mingle Forum <= 1.0.32.1 - SQL Injection	CVE-2012-5327	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
WP Symposium <= 12.11 - SQL Injections		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
WP eCommerce <= 3.8.9 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
Mingle Forum < 1.0.34 - Unauthenticated SQL Injection		8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
MyFTP <= 1.1 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
Global Flash Gallery <= 0.15.1 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
BSK PDF Manager <= 1.4 - Authenticated SQL Injection	CVE-2014-4944	9.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H	August 1, 2014
Yoast Duplicate Post <= 2.5 - SQL Injection	CVE-2014-10379	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
WP Easy Gallery <= 2.7 - SQL Injection		7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	August 1, 2014
FBGorilla (All Versions) - SQL Injection	CVE-2014-5200	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 28, 2014
Lead Octopus Power < 1.1.1 - SQL Injection	CVE-2014-5189	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 28, 2014
WORDPRESS VIDEO GALLERY < 2.6 - SQL Injection	CVE-2014-9097	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 24, 2014
Participants Database < 1.5.4.9 - SQL Injection	CVE-2014-3961	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 2, 2014
HDW Player Plugin (Video Player & Video Gallery) <= 2.4.2 - Authenticated (Admin+) SQL Injection	CVE-2014-5180	9.1	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H	May 28, 2014
Ultimate Product Catalog < 2.1.1 - Authenticated (Admin+) SQL Injection		7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 28, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation

Vulnerabilities protected by our SQL Injection firewall rule

Showing 1141-1160 of 1,291 Vulnerabilities