Wordfence Intelligence

Title	CVE ID	CVSS	Vector	Date
YAWPP (Yet Another WordPress Petition Plugin) <= 1.2.1 - Authenticated SQL Injection	CVE-2014-5182	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
Quartz <= 1.01.1 - SQL Injection	CVE-2014-5185	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
WP Rss Poster <= 1.0.0 - SQL Injection	CVE-2014-4938	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
ENL Newsletter <= 1.0.1 - Authenticated (Admin+) SQL Injection	CVE-2014-4939	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
stripShow Plugin <= 2.5.2 - SQL Injection	CVE-2014-5184	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	May 28, 2014
Pinpoint Booking System – #1 WordPress Booking Plugin < 1.3 - SQL Injection	CVE-2014-3210	8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	May 21, 2014
WordPress Core < 3.8.2 - SQL Injection		7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	April 9, 2014
GD Star Rating <= 1.9.22 - Blind SQL Injection	CVE-2014-2839	7.2	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	March 28, 2014
Leaflet Maps Marker Pro < 1.5.8 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 27, 2014
Contextual Related Posts < 1.8.10.2 - SQL Injection	CVE-2014-3937	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 6, 2014
Welcart e-Commerce <= 2.9.1 - SQL Injection	CVE-2014-10017	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 4, 2014
mTouch Quiz < 3.0.7 - SQL Injection	CVE-2014-100022	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 26, 2014
Relevanssi <= 3.3 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 25, 2014
AdRotate – Ad manager & AdSense Ads 3.9 - 3.9.4 - SQL Injection	CVE-2014-1854	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 22, 2014
Search Everything <= 7.0.2 - SQL Injection	CVE-2014-2316	9.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N	February 11, 2014
FormCraft <= 1.3.7 - SQL Injection	CVE-2013-7187	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	December 8, 2013
Easy Career Openings <= 0.4 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	December 6, 2013
WordPress Landing Pages < 1.2.3 - SQL Injection	CVE-2013-6243	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	October 10, 2013
Wp-ImageZoom <= 1.0.7 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	October 9, 2013
WPRealty <= 2.9.1 - Time-Based Blind SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	October 8, 2013

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation

Vulnerabilities protected by our SQL Injection firewall rule

Showing 1161-1180 of 1,290 Vulnerabilities