Wordfence Intelligence

Title	CVE ID	CVSS	Vector	Date
L4 Shopping Cart Plugin < 8.1.1 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 25, 2013
Spiffy XSPF Player <= 0.1 - SQL Injection	CVE-2013-3530	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 10, 2013
SpiderVPlayer <= 2.1 - SQL Injection	CVE-2013-3532	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 11, 2013
WordPress Video Gallery < 2.1 - SQL Injection	CVE-2013-3478	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 14, 2013
Flagallery-skins <= 1.1.5 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 22, 2013
JS Restaurant (All Versions) - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	July 8, 2013
Testimonial < 2.3 - SQL Injection	CVE-2013-5673	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	September 1, 2013
Testimonial < 2.3 - Multiple Vulnerabilities		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	September 1, 2013
Mukioplayer For WordPress <= 1.6 - SQL injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	September 13, 2013
NOSpamPTI <= 2.1 - SQL Injection	CVE-2013-5917	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	September 20, 2013
WPRealty <= 2.9.1 - Time-Based Blind SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	October 8, 2013
Wp-ImageZoom <= 1.0.7 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	October 9, 2013
WordPress Landing Pages < 1.2.3 - SQL Injection	CVE-2013-6243	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	October 10, 2013
Easy Career Openings <= 0.4 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	December 6, 2013
FormCraft <= 1.3.7 - SQL Injection	CVE-2013-7187	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	December 8, 2013
Search Everything <= 7.0.2 - SQL Injection	CVE-2014-2316	9.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N	February 11, 2014
AdRotate – Ad manager & AdSense Ads 3.9 - 3.9.4 - SQL Injection	CVE-2014-1854	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 22, 2014
Relevanssi <= 3.3 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 25, 2014
mTouch Quiz < 3.0.7 - SQL Injection	CVE-2014-100022	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 26, 2014
Welcart e-Commerce <= 2.9.1 - SQL Injection	CVE-2014-10017	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 4, 2014

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation

Vulnerabilities protected by our SQL Injection firewall rule

Showing 101-120 of 1,291 Vulnerabilities