Wordfence Intelligence   >   Search Results

Showing 1-20 of 282 search results

Refine your search

Tip: You can search by CVE ID, software name or slug, or the researcher name. Expand to read about more advanced search options.

If you want to perform more advanced lookups, you can use keywords to further refine your search.

For example, woocommerce researcher:"chloe chamberland" would search for any vulnerabilities discovered by Chloe Chamberland in software that has WooCommerce in the title.

Keywords are added in keyword:value format. If the value contains spaces, you must enclose it in quotation marks.

You can use the following keywords to add criteria to your search:

title
Searches through the title of each vulnerability for matches.
date
Returns vulnerabilities by publication date. Use YYYY-MM-DD, YYYY-MM or YYYY format.
cvss-rating
Use low, medium, high or critical to limit the search to vulnerabilities with the specified rating.
researcher
Returns vulnerabilities credited to researchers containing the given text.
software
Returns vulnerabilities discovered in software containing the given text.
software-slug
Returns vulnerabilities discovered in software exactly matching the given slug.
software-type
Use plugin, theme or core to limit the search to the specified type of software.
By selecting “Search” you acknowledge that you have read and agree to the Wordfence Intelligence Terms and Conditions.
Checkout Mestres WP <= 7.1.9.6 - Unauthenticated SQL Injection
9.8
CVE-2023-51469
Dec 27, 2023
Researcher: Rafie Muhammad
WebinarIgnition <= 3.05.0 - Unauthenticated SQL Injection
9.8
CVE-2023-51423
Dec 27, 2023
Researcher: Rafie Muhammad
JS Help Desk <= 2.8.1 - Unauthenticated SQL Injection via email and trackingid
9.8
CVE-2023-50839
Dec 21, 2023
Researcher: Fariq Fadillah Gusti Insani (fariqfgi)
Burst Statistics – Privacy-Friendly Analytics for WordPress 1.4.0 to 1.4.6.1 - Unauthenticated SQL Injection
9.8
CVE-2023-5761
Dec 6, 2023
Researcher: German Ritter
Sayfa Sayaç <= 2.6 - Unauthenticated SQL Injection
9.8
CVE-2023-49776
Dec 5, 2023
Researcher: Rafie Muhammad
Adifier System < 3.1.4 - Unauthenticated SQL Injection
9.8
CVE-2023-49752
Dec 4, 2023
Researcher: Vladislav Pokrovsky (ΞX.MI)
Couponis Demo < 2.2 - Unauthenticated SQL Injection
9.8
CVE-2023-49750
Dec 4, 2023
Researcher: Vladislav Pokrovsky (ΞX.MI)
HUSKY – Products Filter for WooCommerce (formerly WOOF) <= 1.3.4.2 - Unauthenticated SQL Injection via search terms
9.8
CVE-2023-40010
Nov 27, 2023
Researcher: Nguyen Anh Tien
My Calendar <= 3.4.21 - Unauthenticated SQL Injection
9.8
CVE-2023-6360
Nov 26, 2023
Researcher: Tenable
Porto Theme - Functionality <= 2.11.1 - Unauthenticated SQL Injection
9.8
CVE-2023-48738
Nov 23, 2023
Researcher: Rafie Muhammad
WP Fastest Cache <= 1.2.2 - Unauthenticated SQL Injection
9.8
CVE-2023-6063
Nov 13, 2023
Researcher: Alex Sanford
Article Analytics <= 1.0 - Unauthenticated SQL Injection
9.8
CVE-2023-5640
Oct 27, 2023
Researcher: Nicolas Surribas
WP Hotel Booking <= 2.0.7 - Unauthenticated SQL Injection
9.8
CVE-2023-5652
Oct 26, 2023
Researcher: Krzysztof Zając
LogDash Activity Log <= 1.1.3 - Unauthenticated SQL Injection
9.8
CVE-2023-6030
Oct 26, 2023
Researcher: Nicolas Surribas
Accessibility Suite by Online ADA <= 4.11 - Authenticated (Subscriber+) SQL Injection
9.8
CVE-2023-45830
Oct 13, 2023
Researcher: minhtuanact
AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response
9.8
CVE-2023-5204
Oct 11, 2023
Researcher: Marco Wotschka
WP Sessions Time Monitoring Full Automatic <= 1.0.8 - Unauthenticated SQL injection
9.8
CVE-2023-5203
Sep 11, 2023
Researcher: Nicolas Surribas
RSVPMarker <= 10.6.6 - Unauthenticated SQL Injection
9.8
CVE-2023-41652
Sep 1, 2023
Researcher: Ravi Dharmawan
WP Job Portal <= 2.0.5 - Unauthenticated SQL Injection
9.8
CVE-2023-4490
Aug 30, 2023
Researcher: Pablo Sanchez
Contact form 7 Custom validation <= 1.1.3 - Unauthenticated SQL Injection via 'post'
9.8
CVE-2023-40609
Aug 17, 2023
Researcher: minhtuanact
Title CVE ID CVSS Researchers Date
Checkout Mestres WP <= 7.1.9.6 - Unauthenticated SQL Injection CVE-2023-51469 9.8 Rafie Muhammad December 27, 2023
WebinarIgnition <= 3.05.0 - Unauthenticated SQL Injection CVE-2023-51423 9.8 Rafie Muhammad December 27, 2023
JS Help Desk <= 2.8.1 - Unauthenticated SQL Injection via email and trackingid CVE-2023-50839 9.8 Fariq Fadillah Gusti Insani (fariqfgi) December 21, 2023
Burst Statistics – Privacy-Friendly Analytics for WordPress 1.4.0 to 1.4.6.1 - Unauthenticated SQL Injection CVE-2023-5761 9.8 German Ritter December 6, 2023
Sayfa Sayaç <= 2.6 - Unauthenticated SQL Injection CVE-2023-49776 9.8 Rafie Muhammad December 5, 2023
Adifier System < 3.1.4 - Unauthenticated SQL Injection CVE-2023-49752 9.8 Vladislav Pokrovsky (ΞX.MI) December 4, 2023
Couponis Demo < 2.2 - Unauthenticated SQL Injection CVE-2023-49750 9.8 Vladislav Pokrovsky (ΞX.MI) December 4, 2023
HUSKY – Products Filter for WooCommerce (formerly WOOF) <= 1.3.4.2 - Unauthenticated SQL Injection via search terms CVE-2023-40010 9.8 Nguyen Anh Tien November 27, 2023
My Calendar <= 3.4.21 - Unauthenticated SQL Injection CVE-2023-6360 9.8 Tenable November 26, 2023
Porto Theme - Functionality <= 2.11.1 - Unauthenticated SQL Injection CVE-2023-48738 9.8 Rafie Muhammad November 23, 2023
WP Fastest Cache <= 1.2.2 - Unauthenticated SQL Injection CVE-2023-6063 9.8 Alex Sanford November 13, 2023
Article Analytics <= 1.0 - Unauthenticated SQL Injection CVE-2023-5640 9.8 Nicolas Surribas October 27, 2023
WP Hotel Booking <= 2.0.7 - Unauthenticated SQL Injection CVE-2023-5652 9.8 Krzysztof Zając October 26, 2023
LogDash Activity Log <= 1.1.3 - Unauthenticated SQL Injection CVE-2023-6030 9.8 Nicolas Surribas October 26, 2023
Accessibility Suite by Online ADA <= 4.11 - Authenticated (Subscriber+) SQL Injection CVE-2023-45830 9.8 minhtuanact October 13, 2023
AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response CVE-2023-5204 9.8 Marco Wotschka October 11, 2023
WP Sessions Time Monitoring Full Automatic <= 1.0.8 - Unauthenticated SQL injection CVE-2023-5203 9.8 Nicolas Surribas September 11, 2023
RSVPMarker <= 10.6.6 - Unauthenticated SQL Injection CVE-2023-41652 9.8 Ravi Dharmawan September 1, 2023
WP Job Portal <= 2.0.5 - Unauthenticated SQL Injection CVE-2023-4490 9.8 Pablo Sanchez August 30, 2023
Contact form 7 Custom validation <= 1.1.3 - Unauthenticated SQL Injection via 'post' CVE-2023-40609 9.8 minhtuanact August 17, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation