- SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements that control a web application's database server.
- Use parameterized queries when dealing with SQL queries that contains user input. Parameterized queries allows the database to understand which parts of the SQL query should be considered as user input, therefore solving SQL injection.
- WordPress Plugin Photo Gallery by WD-Responsive Photo Gallery for WordPress SQL Injection (1.2.7)
- WordPress Plugin WassUp Real Time Analytics 'spy.php' SQL Injection (1.4.3)
- WordPress Plugin Contact Form 'wpcf_easyform_formid' Parameter SQL Injection (2.7.5)
- WordPress Plugin WP-PostRatings SQL Injection (1.83.1)
- WordPress Plugin WP-Download 'dl_id' Parameter SQL Injection (1.2)