Search Results

🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Wordfence Intelligence > Search Results

Showing 261-280 of 282 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title

Searches through the title of each vulnerability for matches.

date

Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.

cvss-rating

Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.

researcher

Returns vulnerabilities credited to researchers containing the given text.

software

Returns vulnerabilities discovered in software containing the given text.

software-slug

Returns vulnerabilities discovered in software exactly matching the given slug.

software-type

Use plugin, theme or core to limit the search to the specified type of software.

By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.

WP Review Slider <= 12.1 - Authenticated (Subscriber+) SQL Injection

8.8

CVE-2023-0260

Jan 23, 2023

Researcher: István Márton

Pinpoint Booking System <= 2.9.9.2.8 - Authenticated (Subscriber+) SQL Injection

8.8

CVE-2023-0220

Jan 23, 2023

Researcher: István Márton

Booking Calendar <= 9.4.2 - Authenticated (Admin+) SQL Injection

6.6

CVE-2023-23991

Jan 20, 2023

Researcher: Rafshanzani Suhada

LearnPress <= 4.1.7.3.2 - Unauthenticated SQL Injection

9.8

CVE-2022-45808

Jan 20, 2023

Researcher: Fadilah Agung Nugraha

RapidLoad Power-Up for Autoptimize <= 1.6.35 - Authenticated (Subscriber+) SQL Injection

7.2

CVE-2022-47593

Jan 20, 2023

Researcher: Le Ngoc Anh

FL3R FeelBox <= 8.1 - Unauthenticated SQL Injection

9.8

CVE-2022-4445

Jan 20, 2023

Researcher: cydave

WP Helper Premium <= 4.2.0 - Authenticated (Contributor+) SQL Injection

8.8

CVE ID Unknown

Jan 19, 2023

Researchers:

Mapwiz <= 1.0.1 - Authenticated (Admin+) SQL Injection

7.2

CVE-2022-4546

Jan 19, 2023

Researchers: Kunal Sharma, Daniel Krohmer

GiveWP <= 2.23.2 - Unauthenticated SQL Injection

9.8

CVE-2023-0224

Jan 19, 2023

Researchers:

WP-TopBar <= 5.36 - Authenticated (Administrator+) SQL Injection

7.2

CVE-2023-23824

Jan 19, 2023

Researcher: thiennv

MainWP Broken Link Checker <= 4.0 - Unauthenticated SQL Injection

9.8

CVE-2023-23737

Jan 18, 2023

Researcher: Dave Jong

MainWP Maintenance Extension <= 4.1.1 - Authenticated (Subscriber+) SQL Injection

8.8

CVE-2023-23660

Jan 18, 2023

Researcher: Dave Jong

MainWP Google Analytics Extension <= 4.0.4 - Authenticated (Subscriber+) SQL Injection

8.8

CVE-2023-23651

Jan 17, 2023

Researcher: Dave Jong

Simple URLs <= 114 - Authenticated (Subscriber+) SQL Injection

8.8

CVE-2023-0098

Jan 17, 2023

Researcher: dc11

Custom 404 Pro <= 3.7.0 - Authenticated (Administrator+) SQL Injection

7.2

CVE-2022-47605

Jan 13, 2023

Researcher: minhtuanact

SiteGround Security <= 1.3.0 - Authenticated (Administrator+) SQL Injection

7.2

CVE-2023-0234

Jan 13, 2023

Researcher: So Sakaguchi

Easy Digital Downloads < 3.1.0.4 - SQL Injection

9.8

CVE-2023-23489

Jan 12, 2023

Researcher: Joshua Martinelle

Simple Membership WP user Import <= 1.7 - Authenticated (Admin+) SQL Injection

7.2

CVE-2023-0254

Jan 12, 2023

Researcher: Etan Imanol Castro Aldrete

Paid Memberships Pro < 2.9.8 - Unauthenticated SQL Injection

9.8

CVE-2023-23488

Jan 12, 2023

Researcher: Joshua Martinelle

Survey Maker < 3.1.2 - Authenticated (Subscriber+) SQL Injection

8.8

CVE-2023-23490

Jan 12, 2023

Researcher: Joshua Martinelle

Title	CVE ID	CVSS	Researchers	Date
WP Review Slider <= 12.1 - Authenticated (Subscriber+) SQL Injection	CVE-2023-0260	8.8	István Márton	January 23, 2023
Pinpoint Booking System <= 2.9.9.2.8 - Authenticated (Subscriber+) SQL Injection	CVE-2023-0220	8.8	István Márton	January 23, 2023
Booking Calendar <= 9.4.2 - Authenticated (Admin+) SQL Injection	CVE-2023-23991	6.6	Rafshanzani Suhada	January 20, 2023
LearnPress <= 4.1.7.3.2 - Unauthenticated SQL Injection	CVE-2022-45808	9.8	Fadilah Agung Nugraha	January 20, 2023
RapidLoad Power-Up for Autoptimize <= 1.6.35 - Authenticated (Subscriber+) SQL Injection	CVE-2022-47593	7.2	Le Ngoc Anh	January 20, 2023
FL3R FeelBox <= 8.1 - Unauthenticated SQL Injection	CVE-2022-4445	9.8	cydave	January 20, 2023
WP Helper Premium <= 4.2.0 - Authenticated (Contributor+) SQL Injection		8.8		January 19, 2023
Mapwiz <= 1.0.1 - Authenticated (Admin+) SQL Injection	CVE-2022-4546	7.2	Kunal Sharma, Daniel Krohmer	January 19, 2023
GiveWP <= 2.23.2 - Unauthenticated SQL Injection	CVE-2023-0224	9.8		January 19, 2023
WP-TopBar <= 5.36 - Authenticated (Administrator+) SQL Injection	CVE-2023-23824	7.2	thiennv	January 19, 2023
MainWP Broken Link Checker <= 4.0 - Unauthenticated SQL Injection	CVE-2023-23737	9.8	Dave Jong	January 18, 2023
MainWP Maintenance Extension <= 4.1.1 - Authenticated (Subscriber+) SQL Injection	CVE-2023-23660	8.8	Dave Jong	January 18, 2023
MainWP Google Analytics Extension <= 4.0.4 - Authenticated (Subscriber+) SQL Injection	CVE-2023-23651	8.8	Dave Jong	January 17, 2023
Simple URLs <= 114 - Authenticated (Subscriber+) SQL Injection	CVE-2023-0098	8.8	dc11	January 17, 2023
Custom 404 Pro <= 3.7.0 - Authenticated (Administrator+) SQL Injection	CVE-2022-47605	7.2	minhtuanact	January 13, 2023
SiteGround Security <= 1.3.0 - Authenticated (Administrator+) SQL Injection	CVE-2023-0234	7.2	So Sakaguchi	January 13, 2023
Easy Digital Downloads < 3.1.0.4 - SQL Injection	CVE-2023-23489	9.8	Joshua Martinelle	January 12, 2023
Simple Membership WP user Import <= 1.7 - Authenticated (Admin+) SQL Injection	CVE-2023-0254	7.2	Etan Imanol Castro Aldrete	January 12, 2023
Paid Memberships Pro < 2.9.8 - Unauthenticated SQL Injection	CVE-2023-23488	9.8	Joshua Martinelle	January 12, 2023
Survey Maker < 3.1.2 - Authenticated (Subscriber+) SQL Injection	CVE-2023-23490	8.8	Joshua Martinelle	January 12, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation