Vulnerability Name CVE Severity
1 Flash Gallery Cross-Site Scripting and SQL Injection Vulnerabilities (0.2.5)
10Web Map Builder for Google Maps SQL Injection (1.0.72)
301 Redirects-Easy Redirect Manager SQL Injection (2.50) CVE-2021-24142
404 SEO Redirection SQL Injection (1.0)
404 to 301-Redirect, Log and Notify 404 Errors SQL Injection (2.0.2)
Abandoned Cart Lite for WooCommerce SQL Injection (1.8)
Abandoned Cart Lite for WooCommerce SQL Injection (5.8.1)
Accessibility Suite by Online ADA SQL Injection (2.0.10)
AccessPress Social Icons Multiple SQL Injection Vulnerabilities (1.6.6)
AccessPress Social Icons SQL Injection (1.8.0) CVE-2021-24143
ACF:Better Search SQL Injection (2.0.2)
Active Directory Integration SQL Injection (1.1.8)
Add Edit Delete Listing Module SQL Injection (1.0) CVE-2017-1002025
Adicon Server SQL Injection (1.2)
AdRotate-Ad manager & AdSense Ads 'adrotate-out.php' SQL Injection (3.6.6) CVE-2011-4671
AdRotate-Ad manager & AdSense Ads 'track' Parameter SQL Injection (3.6.5) CVE-2011-4671
AdRotate-Ad manager & AdSense Ads SQL Injection (3.9.4) CVE-2014-1854
AdRotate-Ad manager & AdSense Ads SQL Injection (5.2) CVE-2019-13570
AdRotate-Ad manager & AdSense Ads SQL Injection (5.8.3.1) CVE-2021-24138
AdServe 'id' Parameter SQL Injection (0.2) CVE-2008-0507
Advanced Booking Calendar SQL Injection (1.6.1)
Advanced Contact form 7 DB SQL Injection (1.6.0)
Advanced Contact form 7 DB SQL Injection (1.6.1) CVE-2019-13571
Advanced Database Cleaner SQL Injection (3.0.1) CVE-2021-24141
Advertizer 'id' Parameter SQL Injection (1.0)
Affiliates Manager SQL Injection (2.8.6) CVE-2021-24844
AffiliateWP SQL Injection (1.5.6)
Agentejo Cockpit CMS resetpassword NoSQLi (CVE-2020-35847) CVE-2020-35847
Ajax Category Dropdown Cross-Site Scripting and SQL Injection Vulnerabilities (0.1.5)
Ajax Gallery 'list.php' SQL Injection (3.0)
AJAX Post Search 'srch_txt' Parameter SQL Injection (1.2) CVE-2012-5853
Ajax Store Locator SQL Injection (1.2.0)
All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs-My Sticky Elements SQL Injection (2.0.8) CVE-2023-0487
All-In-One Security (AIOS)-Security and Firewall Multiple SQL Injection Vulnerabilities (3.8.2) CVE-2014-6242
All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.8.7) CVE-2015-0894
All-In-One Security (AIOS)-Security and Firewall SQL Injection (3.9.0)
All-In-One Security (AIOS)-Security and Firewall SQL Injection (4.0.8)
Allow PHP in Posts and Pages 'id' Parameter SQL Injection (2.0.0.RC1)
All Video Gallery 'vid' Parameter Multiple SQL Injection Vulnerabilities (1.1) CVE-2012-6653
All Video Gallery SQL Injection (1.2) CVE-2014-5186
Amazon Product in a Post SQL Injection (3.5.2)
Answer My Question SQL Injection (1.3)
Appointment Booking Calendar SQL Injection (1.1.23)
Asgaros Forum Multiple SQL Injection Vulnerabilities (1.15.12) CVE-2021-24827
A to Z Category Listing 'R' Parameter SQL Injection (1.3)
Auto Affiliate Links Multiple SQL Injection Vulnerabilities (4.9.9.4)
Automatic 'q' Parameter SQL Injection (2.0.3)
Availability Calendar SQL Injection (1.2) CVE-2021-24606
AVH Extended Categories Widgets SQL Injection (4.0.0)
Awesome Filterable Portfolio Multiple SQL Injection Vulnerabilities (1.8.6)
Backup, Restore and Migrate WordPress Sites With the XCloner SQL Injection (4.2.161)
BadgeOS SQL Injection (3.7.0) CVE-2022-0817
BadgeOS SQL Injection (3.7.1.2) CVE-2022-2958
bbPress Like Button SQL Injection (1.5)
bbPress SQL Injection (2.5.14)
BBS e-Franchise SQL Injection (1.1.1)
Better Search SQL Injection (2.2.2)
BillQuick Web Suite SQL injection (CVE-2021-42258) CVE-2021-42258
Blog2Social:Social Media Auto Post & Scheduler SQL Injection (5.5.0) CVE-2019-13572
Blog2Social:Social Media Auto Post & Scheduler SQL Injection (6.3.0) CVE-2021-24137
Blogger To WordPress SQL Injection (2.2.1)
Booking Calendar SQL Injection (6.2.2)
Booking Calendar SQL Injection (8.4.4) CVE-2018-20556
BookingPress-Appointments Booking Calendar and Online Scheduling SQL Injection (1.0.10) CVE-2022-0739
Breezing Forms SQL Injection (1.2.7.30)
Broken Link Manager SQL Injection (0.6.5) CVE-2021-24550
BSK PDF Manager Multiple SQL Injection Vulnerabilities (1.3.2) CVE-2014-4944
BSK PDF Manager SQL Injection (3.1.1) CVE-2021-24860
BuddyPress 'page' Parameter SQL Injection (1.5.4) CVE-2012-2109
BuddyPress Multiple SQL Injection Vulnerabilities (1.7.1)
Build App Online SQL Injection (1.0.18) CVE-2022-3241
Calculated Fields Form Multiple SQL Injection Vulnerabilities (1.0.10)
Calendar by WD-Responsive Event Calendar for WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.3.0)
Calendar by WD-Responsive Event Calendar for WordPress SQL Injection (1.4.9) CVE-2015-2196
Calendar by WD-Responsive Event Calendar for WordPress SQL Injection (1.5.51) CVE-2017-7719
Calendar Event Multi View Multiple SQL Injection Vulnerabilities (1.1.7)
Calendar Event Multi View SQL Injection (1.01) CVE-2014-8586
Captcha by BestWebSoft SQL Injection (4.1.4)
Captcha by BestWebSoft SQL Injection (4.1.7)
Car Rental System SQL Injection (3.0)
Car Seller-Auto Classifieds Script SQL Injection (2.1.0) CVE-2021-24285
Cart66 Lite::WordPress Ecommerce SQL Injection (1.5.1.17) CVE-2014-9305
Cashtomer SQL Injection (1.0.0) CVE-2021-24391
CBX Petition for WordPress SQL Injection (1.0.3) CVE-2022-4383
cdnvote 'cdnvote-post.php' Multiple SQL Injection Vulnerabilities (0.4.1) CVE-2011-5308
CevherShare 'cevhershare-admin.php' SQL Injection (2.0)
cformsII SQL Injection (14.12.3)
Chained Quiz SQL Injection (1.0.8)
Chameleon CSS SQL Injection (1.2) CVE-2021-24626
Chat-Support Board-WordPress Chat Multiple SQL Injection Vulnerabilities (3.3.3) CVE-2021-24741
Check & Log Email SQL Injection (1.0.2) CVE-2021-24774
Chop Slider 3 SQL Injection (3.4) CVE-2020-11530
CM Pop-Up banners for WordPress SQL Injection (1.5.10) CVE-2023-30750
Collision Testimonials 'admin.php' SQL Injection (3.0)
Comic Book Management System SQL Injection (2.1.0) CVE-2022-3856
Comment Highlighter SQL Injection (0.13) CVE-2021-24393
Comment Rating 'id' Parameter SQL Injection (2.9.23)
Comment Rating SQL Injection and Security Bypass Weakness Vulnerabilities (2.9.32)
Comments-wpDiscuz SQL Injection (5.3.5) CVE-2020-13640
Community Events 'id' Parameter SQL Injection (1.2.2)
Community Events SQL Injection (1.3.5) CVE-2015-3313
Complianz-GDPR/CCPA Cookie Consent SQL Injection (6.3.3) CVE-2022-3494
Contact Form 'wpcf_easyform_formid' Parameter SQL Injection (2.7.5)
Contact Form, Drag and Drop Form Builder for WordPress-Everest Forms SQL Injection (1.4.9) CVE-2019-13575
Contact Form Builder-a plugin for creating contact and feedback forms Multiple SQL Injection Vulnerabilities (1.0.24)
Contact Form by WD-responsive drag & drop contact form builder tool SQL Injection (1.7.30)
Contact Form Submissions SQL Injection (1.6.4) CVE-2021-24125
Contact Form Widget-Contact Query, Form Maker SQL Injection (1.0.9) CVE-2019-17072
Content Audit Blind SQL Injection (1.6) CVE-2014-5389
Content Timeline Multiple SQL Injection Vulnerabilities (4.4.2) CVE-2017-14507
Contest Gallery-Photo Contest for WordPress SQL Injection (13.1.0.5) CVE-2021-24915
Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3)
Copperleaf Photolog 'cplphoto.php' SQL Injection (0.16) CVE-2010-0673
Count per Day 'month' Parameter SQL Injection (2.17)
Count per Day SQL Injection (3.4) CVE-2015-5533
Couponer 'print-coupon.php' SQL Injection (1.2)
CP Reservation Calendar SQL Injection (1.1.6) CVE-2015-7235
Cryptocurrency Widgets Pack SQL Injection (1.8.1) CVE-2022-4059
CSS & JavaScript Toolbox SQL Injection (9.2)
Custom Permalinks SQL Injection (1.1)
Daily Prayer Time SQL Injection (2022.02.28) CVE-2022-0785
Dbox 3D Slider Lite SQL Injection (1.2.2) CVE-2018-5374
Diary & Availability Calendar SQL Injection (1.0.3) CVE-2021-24555
Display Users SQL Injection (2.0.0) CVE-2021-24400
Donation with Goals and Paypal IPN by NonprofitCMS.org 'exporttocsv.php' SQL Injection (1.0)
Double Opt-In for Download SQL Injection (2.0.8) CVE-2015-7517
Double Opt-In for Download SQL Injection (2.0.9)
Download Monitor SQL Injection (4.4.4) CVE-2021-24786
Drupal Core 4.6.x SQL Injection (4.6.0 - 4.6.6) CVE-2006-2742
Drupal Core 4.7.x SQL Injection (4.7.0 - 4.7.8) CVE-2007-6299
Drupal Core 4.7.x SQL Injection (4.7.0) CVE-2006-2742
Drupal Core 5.x SQL Injection (5.0 - 5.3) CVE-2007-6299
Drupal Core 5.x SQL Injection (5.0 - 5.14)
Drupal Core 7.x SQL Injection (7.0 - 7.31) CVE-2014-3704
Drupal core 7.x SQL injection vulnerability CVE-2014-3704
DSubscribers SQL Injection (1.2)
DukaPress SQL Injection (2.5.9) CVE-2015-1000011
Duplicate Page and Post SQL Injection (2.5.6)
Duplicate Page SQL Injection (3.3)
Duplicate Post SQL Injection (1.1.9) CVE-2021-43408
Duplicator-WordPress Migration SQL Injection (0.5.14)
Easy2Map Multiple SQL Injection Vulnerabilities (1.2.4) CVE-2015-4614 CVE-2015-4616
Easy Contact Form Lite 'sort_row.request.php' SQL Injection (1.0.7)
Easy Digital Downloads-Simple eCommerce for Selling Digital Files SQL Injection (3.1.0.3) CVE-2023-23489
Easy Filter SQL Injection (1.5)
Easy Modal Multiple SQL Injection Vulnerabilities (2.0.17) CVE-2017-12946 CVE-2017-12947
Easy Team Manager SQL Injection (1.3.2) CVE-2017-1002023
Easy Testimonial Manager SQL Injection (1.2.0) CVE-2021-24394
Edit Comments SQL Injection (0.3) CVE-2021-24551
Ektron CMS400.NET ContentRatingGraph.aspx SQL injection CVE-2008-5122
Email Before Download SQL Injection (3.4)
Email Before Download SQL Injection (3.6)
Email Before Download SQL Injection (6.7) CVE-2021-24748
Email Log SQL Injection (2.4.6) CVE-2021-24758
Email Subscribers & Newsletters SQL Injection (4.1.7) CVE-2019-13569
Email Subscribers & Newsletters SQL Injection (4.3.0) CVE-2019-20361
Embed Youtube Video SQL Injection (1.0) CVE-2021-24395
Enable Media Replace SQL Injection and Arbitrary File Upload Vulnerabilities (2.3)
ENL Newsletter SQL Injection (1.0.1) CVE-2014-4939
Entries For WPForms SQL Injection (1.4.0)
Evarisk 'ajax.php' SQL Injection (5.1.3.6)
Event Espresso Lite-Event Management and Registration System SQL Injection (3.1.37.11) CVE-2017-1002026
Event Espresso Lite-Event Management and Registration System SQL Injection (3.1.37.12) CVE-2017-14760
Eventify-Simple Events 'fetcheventdetails.php' SQL Injection (1.7.f)
Event List SQL Injection (0.7.8) CVE-2017-9429
Event Registration 'event_id' Parameter SQL Injection (5.32) CVE-2010-4839
Event Registration 'event_id' Parameter SQL Injection (5.44) CVE-2010-4839
Event Registration 'id' Parameter SQL Injection (5.43)
Eventr SQL Injection (1.02.2) CVE-2017-1002018 CVE-2017-1002019
Events Made Easy SQL Injection (2.2.35) CVE-2021-25030
Events Manager 'events-manager.php' SQL Injection (2.1)
Events Manager Extended 'admin.php' SQL Injection (3.1.2)
Events Registration with PayPal IPN Multiple SQL Injection Vulnerabilities (2.1.2)
Events SQL Injection (2.3.4)
Export any WordPress data to XML/CSV SQL Injection (1.3.4) CVE-2022-1800
Export Users With Meta SQL Injection (0.6.4) CVE-2021-24451
Facebook Opengraph Meta 'all_meta.php' SQL Injection (1.0)
Facebook Promotion Generator for WordPress 'fbActivate.php' SQL Injection (1.3.3)
Fancy Product Designer-WooCommerce SQL Injection (4.7.4) CVE-2021-4134
FAQs Manager SQL Injection (1.0)
FB Survey Pro 'id' Parameter SQL Injection (1.0)
fGallery SQL Injection (2.4.1) CVE-2008-0491
FileBird-WordPress Media Library Folders & File Manager SQL Injection (4.7.3) CVE-2021-24385
File Groups 'fgid' Parameter SQL Injection (1.1.2)
FireStorm Professional Real Estate 'id' Parameter SQL Injection (2.06.03)
FireStorm Professional Real Estate Multiple SQL Injection Vulnerabilities (2.05.01)
FireStorm Shopping Cart eCommerce SQL Injection (2.07.02)
Flexi Quote Rotator SQL Injection and Cross-Site Request Forgery Vulnerabilities (0.9)
FlightLog SQL Injection (3.0.2) CVE-2021-24336
Floating Chat Widget:Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button-Chaty SQL Injection (3.0.2) CVE-2022-3858
fMoblog 'id' Parameter SQL Injection (2.1) CVE-2009-0968
FormCraft-Contact Form Builder SQL Injection (1.0.5) CVE-2017-13137
Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder SQL Injection (1.07.12) CVE-2014-9309
Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.13.3) CVE-2019-10866
Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.13.35)
Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.14.2)
Form Maker by 10Web-Mobile-Friendly Drag & Drop Contact Form Builder SQL Injection (1.15.5) CVE-2022-3300
Form Vibes-Database Manager for Forms SQL Injection (1.4.5) CVE-2022-3764
ForumConverter SQL Injection (1.11)
FreshMail For WordPress Multiple SQL Injection Vulnerabilities (1.5.8)
Fuctweb CapCC 'plugins.php' SQL Injection (1.0)
FV Flowplayer Video Player SQL Injection (7.3.18.727) CVE-2019-13573
FV Flowplayer Video Player SQL Injection (7.5.15.727) CVE-2022-25607
G-Lock Double Opt-in Manager 'ajaxbackend.php' SQL Injection (2.6.2)
Gallery-Flagallery Photo Portfolio SQL Injection (2.55)
Gallery-Flagallery Photo Portfolio SQL Injection and Information Disclosure Vulnerabilities (0.59)
Gallery-Video Gallery and Youtube Gallery SQL Injection (2.0.9)
Gallery Objects SQL Injection (0.4) CVE-2014-5201
Gallery transformation SQL Injection (1.0) CVE-2017-1002028
GamiPress-The most flexible and powerful gamification for WordPress SQL Injection (2.5.7) CVE-2023-24000
G Auto-Hyperlink SQL Injection (1.0.1) CVE-2021-24627
GB Gallery Slideshow SQL Injection (1.2) CVE-2014-8375
GD Star Rating 'de' Parameter SQL Injection (1.9.10)
GD Star Rating 'votes' Parameter SQL Injection (1.9.8)
GeoDirectory-WordPress Business Directory and Classified Ads Listings SQL Injection (2.2.23) CVE-2023-0278
GeoDirectory Location Manager Multiple SQL Injection Vulnerabilities (2.1.0.9) CVE-2021-24361
GeoServer SQLi (CVE-2023-25157) CVE-2023-25157
Gift Vouchers (Gift Cards and Packages) (WooCommerce Supported) SQL Injection (1.0.5) CVE-2018-16159
GigPress Multiple SQL Injection Vulnerabilities (2.3.8) CVE-2015-4066
GigPress SQL Injection (2.3.28) CVE-2023-0381
Giveaway SQL Injection (1.2.2) CVE-2021-24497
GiveWP-Donation and Fundraising Platform SQL Injection (2.5.0) CVE-2019-13578
GiveWP-Donation and Fundraising Platform SQL Injection (2.24.0) CVE-2023-0224
Global Content Blocks 'gcb_export.php' SQL Injection (1.2)
Good LMS-Learning Management System SQL Injection (2.1.4) CVE-2020-27481
Google Analytics Dashboard SQL Injection (2.0.4)
Google Doc Embedder SQL Injection (2.5.14) CVE-2014-9173
Google Doc Embedder SQL Injection (2.5.16) CVE-2014-9173
Google Map SQL Injection (2.2.5)
Gravity Forms SQL Injection (1.9.3.5) CVE-2015-2260
Groundhogg-Marketing Automation & CRM for WordPress SQL Injection (1.3.11.13)
GSEOR-WordPress SEO SQL Injection (1.3) CVE-2021-24396
Handsome Testimonials & Reviews SQL Injection (2.0.7) CVE-2021-24492
HD Webplayer Multiple SQL Injection Vulnerabilities (1.1)
HDW Player (Video Player & Video Gallery) SQL Injection (2.4.2) CVE-2014-5180
Header Footer Code Manager SQL Injection (1.1.13) CVE-2021-24791
Hibernate Query Language (HQL) Injection
Hitasoft FLV Player 'id' Parameter SQL Injection (1.1)
iCopyright Toolbar 'icopyright_xml.php' SQL Injection (1.1.4)
ImageDrop 'ImageDrop.php' Blind SQL Injection (1.1.2)
Image Gallery-Responsive Photo Gallery SQL Injection (1.0.6) CVE-2014-7153
Image Gallery-Responsive Photo Gallery SQL Injection (1.8.9) CVE-2016-11018
Image Intense SQL Injection (3.2.5)
Image Optimizer, Resizer and CDN-Sirv SQL Injection (1.3.1)
Image Slider by Ays-Responsive Slider and Carousel SQL Injection (2.4.9) CVE-2021-24463
InLinks SQL Injection (1.0) CVE-2017-16955
IP Logger 'map-details.php' SQL Injection (3.0)
I Recommend This SQL Injection (3.7.2)
I Recommend This SQL Injection (3.7.7)
iThemes Security (formerly Better WP Security) SQL Injection (7.0.2) CVE-2018-12636
IWantOneButton 'updateAJAX.php' SQL Injection (3.0.1)
JiangQie Official Website Mini Program SQL Injection (1.1.0) CVE-2021-24303
Joomla! 1.6.0 SQL injection vulnerability CVE-2011-1151
Joomla! 1.6/1.7/2.5 privilege escalation vulnerability CVE-2012-1563
Joomla! 1.7/2.5 SQL injection vulnerability CVE-2012-1116
Joomla! 3.2.1 sql injection
Joomla! component Kunena Forum multiple vulnerabilities CVE-2014-9102 CVE-2014-9103
Joomla! Core 1.0.x SQL Injection (1.0.0 - 1.0.11) CVE-2007-0374
Joomla! Core 1.5.x Multiple SQL Injection Vulnerabilities (1.5.0 - 1.5.21) CVE-2010-4166 CVE-2010-4696
Joomla! Core 1.7.x SQL Injection (1.7.0 - 1.7.4) CVE-2012-1116
Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1) CVE-2012-1116
Joomla! Core 3.7.0 SQL Injection (3.7.0) CVE-2017-8917
Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.4.6)
Joomla! Core 3.x.x SQL Injection (3.0.0 - 3.9.22) CVE-2020-35613
Joomla! Core 3.x.x SQL Injection (3.1.0 - 3.2.2) CVE-2014-7981
Joomla! Core 3.x.x SQL Injection (3.2.0 - 3.4.4) CVE-2015-7297 CVE-2015-7857 CVE-2015-7858
Joomla! Core 3.x.x SQL Injection (3.5.0 - 3.8.5) CVE-2018-8045
Joomla! Core Multiple SQL Injection Vulnerabilities (2.5.0 - 3.9.13) CVE-2019-19846
Joomla! Core SQL Injection (1.7.0 - 3.9.15) CVE-2020-10243
Joomla! SQL injection vulnerability CVE-2015-7297 CVE-2015-7857 CVE-2015-7858
Joomla! v3.2.2 SQL injection
JoomSport-for Sports: Team & League, Football, Hockey & more Multiple SQL Injection Vulnerabilities (5.2.5) CVE-2022-2717 CVE-2022-2718
JoomSport-for Sports: Team & League, Football, Hockey & more SQL Injection (3.3) CVE-2019-14348
Joy Of Text Lite-SMS messaging for WordPress SQL Injection (2.3.0) CVE-2022-4099
Js-appointment 'searchdata.php' SQL Injection (1.5)
JS Help Desk (formerly JS Support Ticket) SQL Injection (2.1.0)
JTRT Responsive Tables SQL Injection (4.1)
Kama Click Counter SQL Injection (3.4.9) CVE-2017-18614
KittyCatfish Ads by Missilesilo SQL Injection (2.2)
Knews Multilingual Newsletters SQL Injection (1.7.0)
KNR Author List Widget 'listItem[]' Parameter SQL Injection (2.0.0)
LeagueManager Multiple SQL Injection Vulnerabilities (3.9.1.1)
LeagueManager SQL Injection (3.8) CVE-2013-1852
LearnDash LMS SQL Injection (3.1.5) CVE-2020-6009
LearnDash LMS SQL Injection (4.5.3) CVE-2023-28777
LearnPress-WordPress LMS SQL Injection (3.2.6.7) CVE-2020-6010
LearnPress-WordPress LMS SQL Injection (4.1.3.2) CVE-2021-24951
LetsRecover-WooCommerce Abandoned Cart Notifications Multiple SQL Injection Vulnerabilities (1.1.0) CVE-2022-4355 CVE-2022-4356 CVE-2022-4357
lighttpd v1.4.34 SQL injection and path traversal CVE-2014-2323 CVE-2014-2324
Like Dislike Counter SQL Injection (1.2.3)
Limit Attempts by BestWebSoft SQL Injection (1.1.0)
Link Library 'id' Parameter Cross-Site Scripting and SQL Injection Vulnerabilities (5.0.8)
Link Library 'searchll' Parameter SQL Injection (5.2.1)
Link Library SQL Injection (5.9.13.26)
Link Log-external link click monitor SQL Injection (2.0) CVE-2015-9344
Listing, Classified Ads & Business Directory-uListing SQL Injection (2.0.3) CVE-2021-36880
Live Forms-Visual Form Builder SQL Injection (3.0.1)
Loginizer SQL Injection (1.6.3) CVE-2020-27615
M-vSlider SQL Injection (2.1.3) CVE-2021-24557
Macromedia Dreamweaver remote database scripts CVE-2004-1893
Magento (2.2.0 to 2.3.0) Unauthenticated SQL Injection Vulnerability
Mail Masta Multiple SQL Injection Vulnerabilities (1.0) CVE-2017-6095 CVE-2017-6096 CVE-2017-6097 CVE-2017-6098 CVE-2017-6570 CVE-2017-6571 CVE-2017-6572 CVE-2017-6573 CVE-2017-6574 CVE-2017-6575 CVE-2017-6576 CVE-2017-6577 CVE-2017-6578
MailPoet Newsletters (Previous) SQL Injection (2.2) CVE-2013-1408
MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard SQL Injection (4.1.7.1) CVE-2021-24877
MainWP Child Reports SQL Injection (2.0.7) CVE-2021-24754
Mang Board WP SQL Injection (1.9.9) CVE-2021-26609
MantisBT multiple security issues CVE-2014-9571 CVE-2014-9572 CVE-2014-9573 CVE-2014-9624 CVE-2015-1042
Mapwiz SQL Injection (1.0.1) CVE-2022-4546
Master Slider-Responsive Touch Slider SQL Injection (2.5.1)
MAZ Loader-Preloader Builder for WordPress SQL Injection (1.3.2) CVE-2021-24669
Media Library Assistant SQL Injection (2.84)
Media Library Assistant SQL Injection (3.05) CVE-2023-0279
Media Library Categories 'termid' Parameter SQL Injection (1.0.6)
Media Search Enhanced SQL Injection (0.6.0)
Membership by Supsystic SQL Injection (1.4.7)
Membership Simplified Multiple SQL Injection Vulnerabilities (1.58) CVE-2017-1002009 CVE-2017-1002010
Menu Creator 'updateSortOrder.php' SQL Injection (1.1.7)
Meow Gallery (+ Gallery Block) SQL Injection (4.1.8) CVE-2021-24465
Microblog Poster SQL Injection (1.6.0)
Microblog Poster SQL Injection (1.6.1)
MicroCopy SQL Injection (1.1.0) CVE-2021-24397
Migration, Backup, Staging-WPvivid SQL Injection (0.9.52)
Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)
Mingle Forum Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.32.1) CVE-2012-5327 CVE-2012-5328
Mingle Forum SQL Injection and Security Bypass Vulnerabilities (1.0.26)
MiniCart SQL Injection (1.00.1)
MM Duplicate 'index.php' SQL Injection (1.2)
MM Forms Community 'edit_details.php' SQL Injection (1.2.3)
MoodThingy Mood Rating Widget 'postID' Parameter Blind SQL Injection (0.8.7)
MoodThingy Mood Rating Widget SQL Injection (0.9.1)
MukioPlayer SQL Injection (1.6)
Multi Feed Reader SQL Injection (2.2.3) CVE-2017-2195
multimedial images SQL Injection (1.0b) CVE-2022-4370
My Category Order 'parentID' Parameter SQL Injection (2.8) CVE-2009-4748
myCred-Points, Rewards, Gamification, Ranks, Badges & Loyalty SQL Injection (2.2) CVE-2021-24755
Myftp SQL Injection (2.0)
myLinksDump 'url' Parameter SQL Injection (1.2) CVE-2010-2924
mySTAT 'mystat.php' SQL Injection (2.6)
Mz-jajak 'id' Parameter SQL Injection (2.1)
Nagios core config manager SQL injection vulnerability CVE-2013-6875
Nagios XI Unauthenticated SQLi CVE-2018-8734 CVE-2018-8734
Newsletter by Supsystic SQL Injection (1.5.5)
Newsletter SQL Injection (3.0.8)
NEX-Forms-Ultimate Form builder Multiple SQL Injection Vulnerabilities (4.0)
NEX-Forms-Ultimate Form builder SQL Injection (3.0)
NextGEN Gallery-WordPress Gallery SQL Injection (2.1.77)
NextGEN Gallery-WordPress Gallery SQL Injection (3.2.10) CVE-2019-14314
NextGEN Smooth Gallery 'galleryID' Parameter SQL Injection (1.2)
Ninja Announcements Lite 'ninja_annc.php' SQL Injection (1.2.3)
Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.29)
Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (2.9.55.1)
Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.3.21.1) CVE-2019-15025
Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.6.3) CVE-2021-24889
NOSpamPTI SQL Injection (2.1) CVE-2013-5917
Note Press SQL Injection (0.1.1)
NotificationX-Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar With Elementor SQL Injection (2.3.8) CVE-2022-0349
NotificationX-Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar With Elementor SQL Injection (2.3.11)
OdiHost Newsletter 'openstat.php' SQL Injection (1.0)
Official MailerLite Sign Up Forms SQL Injection (1.4.3)
Olimometer SQL Injection (2.56)
Online Hotel Booking System Pro SQL Injection (1.0)
OpenX xajaxargs SQL injection vulnerability
oQey Gallery 'gal_id' Parameter SQL Injection (0.4.8)
oQey Headers 'oqey_settings.php' SQL Injection (0.3)
Oracle E-Business Suite SQL injection (CVE-2017-3549)
Page Visit Counter SQL Injection (4.0.9)
Paid Business Listings Blind SQL Injection (1.0.2)
Paid Downloads 'download_key' Parameter SQL Injection (2.01)
Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.3.2) CVE-2020-5579
Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.5.5) CVE-2021-20678
Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.6.6) CVE-2021-25114
Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.9.7) CVE-2023-23488
Parallels Plesk SQL injection vulnerability CVE-2012-1557
Participants Database SQL Injection (1.5.4.8) CVE-2014-3961
Participants Database SQL Injection (1.9.5.5) CVE-2020-8596
Party Hall Booking Manager SQL Injection (1.1)
Payment Form for PayPal Pro SQL Injection (1.1.64) CVE-2020-14092
PayPal WP Button Manager SQL Injection (0.1.1)
Paytm-Donation SQL Injection (1.3.2) CVE-2021-24554
Pay With Tweet SQL Injection and Cross-Site Scripting Vulnerabilities (1.1) CVE-2012-5349 CVE-2012-5350
Permalink Manager Lite SQL Injection (2.2.12) CVE-2021-24769
Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.2.7) CVE-2015-1055
Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.29)
Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.50) CVE-2017-12977
Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.5.30) CVE-2019-14313
Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.5.54) CVE-2021-24139
Photo Gallery by Ays-Responsive Image Gallery SQL Injection (1.0.0)
Photo Gallery by Ays-Responsive Image Gallery SQL Injection (4.4.3) CVE-2021-24462
Photoracer 'id' Parameter SQL Injection (1.0) CVE-2009-2122
Photoracer Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0)
PHP object deserialization of user-supplied data
PICA Photo Gallery SQL Injection (1.0)
Pierre's Wordspew 'wordspew.php' Multiple SQL Injection Vulnerabilities (5.61)
Pinpoint Booking System-#1 WordPress Booking SQL Injection (1.2) CVE-2014-3210
Pinpoint Booking System-#1 WordPress Booking SQL Injection (2.0)
Pinpoint Booking System-#1 WordPress Booking SQL Injection (2.9.9.2.8) CVE-2023-0220
Plugmatter Optin Feature Box Multiple SQL Injection Vulnerabilities (2.0.13)
Podcast Importer SecondLine SQL Injection (1.3.7) CVE-2022-1023
Podlove Podcast Publisher SQL Injection (2.5.3) CVE-2017-12949
Podlove Podcast Publisher SQL Injection (3.5.5) CVE-2021-24666
Pods-Custom Content Types and Fields SQL Injection (2.5.1.1)
Poll, Survey, Questionnaire and Voting system SQL Injection (1.2.4)
Poll, Survey, Questionnaire and Voting system SQL Injection (1.5.2) CVE-2021-24442
Poll Maker SQL Injection (3.2.0) CVE-2021-24483
Poll Maker SQL Injection (3.4.1) CVE-2021-24651
Popup box SQL Injection (2.3.3) CVE-2021-24458
Popup Builder-Responsive WordPress Pop up-Subscription & Newsletter SQL Injection (2.6.7.6) CVE-2020-9006
Popup Builder-Responsive WordPress Pop up-Subscription & Newsletter SQL Injection (3.44) CVE-2019-14695
Popup Like box-Page SQL Injection (3.5.2) CVE-2021-24460
Portfolio Responsive Gallery SQL Injection (1.1.7) CVE-2021-24457
Post Content XMLRPC SQL Injection (1.0) CVE-2021-24629
Post Form-Registration Form-Profile Form for User Profiles and Content Forms for User Submissions SQL Injection (2.2.7) CVE-2018-21003
post highlights 'ph_settings.php' SQL Injection (2.2)
PowerPress Podcasting by Blubrry SQL Injection (6.0.2)
Product Catalog 8 SQL Injection (1.2.0)
Product Catalog Multiple SQL Injection Vulnerabilities (2.1)
Product Catalog SQL Injection (3.1.2)
Product Catalog SQL Injection (3.9.8)
Product Catalog SQL Injection (4.2.2)
Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More SQL Injection (3.3.0.3) CVE-2021-24511
Profile Builder-User Profile & User Registration Forms SQL Injection (3.3.2)
Profile Builder Pro SQL Injection (3.3.2)
Profiles 'bio-img.php' SQL Injection (2.0RC1)
Progress MOVEit Transfer SQL Injection CVE-2023-34362
ProPlayer 'pp_playlist_id' Parameter SQL Injection (4.7.7)
ProPlayer SQL Injection (4.7.9.1)
PureHTML 'alter.php' SQL Injection (1.0.0)
Python object deserialization of user-supplied data
Q and A FAQ and Knowledge Base for WordPress Multiple SQL Injection Vulnerabilities (1.0.6.2)
Qe SEO Handyman SQL Injection (1.0) CVE-2022-4352
Quartz SQL Injection (1.01.1) CVE-2014-5185
Quiz And Survey Master-Best Quiz, Exam and Survey Multiple SQL Injection Vulnerabilities (4.4.2)
Quiz And Survey Master-Best Quiz, Exam and Survey Multiple SQL Injection Vulnerabilities (4.4.3)
Quiz And Survey Master-Best Quiz, Exam and Survey SQL Injection (7.1.11) CVE-2021-24221
Quiz And Survey Master-Best Quiz, Exam and Survey SQL Injection (7.1.13)
Quiz And Survey Master-Best Quiz, Exam and Survey SQL Injection (7.3.4)
Quiz Maker Multiple SQL Injection Vulnerabilities (6.2.0.8) CVE-2021-24456
Quote-O-Matic SQL Injection (1.0.5) CVE-2022-4373
RapidLoad Power-Up for Autoptimize SQL Injection (1.6.35) CVE-2022-47593
Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.0.9) CVE-2018-10969
Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.1.1) CVE-2019-15659
Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction SQL Injection (3.7.1.5) CVE-2021-24731
RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login SQL Injection (5.0.1.5) CVE-2021-24862
RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login SQL Injection (5.0.2.1) CVE-2022-0420
Registrations for the Events Calendar-Event Registration SQL Injection (2.7.5) CVE-2021-24943
Related Sites 'guid' Parameter SQL Injection (2.1) CVE-2009-2383
Relevanssi-A Better Search SQL Injection (3.2)
Relevanssi-A Better Search SQL Injection (3.6.0)
RESPONSIVE 3D SLIDER SQL Injection (1.2) CVE-2021-24398
Responsive Image Gallery, Gallery Album SQL Injection (1.2.0) CVE-2017-14125
Responsive Slider-Image Slider-Slideshow for WordPress SQL Injection (2.6.8) CVE-2015-2062
Responsive Slider-Image Slider-Slideshow for WordPress SQL Injection (2.8.6)
ReviewX-Multi-criteria Rating & Reviews for WooCommerce SQL Injection (1.6.8) CVE-2023-26325
Revive Old Post-Auto Post to Social Media 'cat' Parameter SQL Injection (3.2.5)
RK Responsive Contact Form SQL Injection (1.0.0) CVE-2017-1002027
Rockhoist Ratings SQL Injection (1.2.1)
RSVPMaker SQL Injection (5.6.3) CVE-2018-21004
RSVPMaker SQL Injection (6.1.9) CVE-2019-15646
RSVPMaker SQL Injection (7.8.1)
RSVPMaker SQL Injection (9.2.5) CVE-2022-1453
RSVPMaker SQL Injection (9.2.6) CVE-2022-1505
RSVPMaker SQL Injection (9.3.2) CVE-2022-1768
rtMedia for WordPress, BuddyPress and bbPress SQL Injection (3.7.39)
Ruby on Rails SQL injection CVE-2012-2695
Safe Redirect Manager SQL Injection (1.7.7)
Save Contact Form 7 SQL Injection (1.7)
Schreikasten SQL Injection (0.14.18) CVE-2021-24630
SCORM Cloud For WordPress 'ajax.php' SQL Injection (1.0.6.6) CVE-2011-5216
SearchAutocomplete 'tags.php' SQL Injection (1.0.8)
Search Everything SQL Injection (7.0.2) CVE-2014-2316
Search Everything SQL Injection (8.1.5)
Search Everything SQL Injection (8.1.6)
Search Logger-Know What Your Visitors Search SQL Injection (0.9) CVE-2022-3131
Secure Copy Content Protection and Content Locking SQL Injection (2.6.6) CVE-2021-24484
Sendit WP Newsletter 'id' Parameter SQL Injection (2.1.0)
Sendit WP Newsletter 'submit.php' Blind SQL Injection (1.5.9)
Sendit WP Newsletter SQL Injection (2.5.1) CVE-2021-24345
SEO Redirection-301 Redirect Manager SQL Injection (3.5)
SEO Redirection-301 Redirect Manager SQL Injection (8.1) CVE-2021-24847
Sermon Browser Cross-Site Scripting and SQL Injection Vulnerabilities (0.43)
Server Status by Hostname/IP SQL Injection (4.6) CVE-2019-12570
Sharebar Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1)
Shopping Cart Multiple SQL Injection and Arbitrary File Upload Vulnerabilities (8.1.14)
Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.5.2)
Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple SQL Injection Vulnerabilities (1.4.56)
Shortlinks by Pretty Links-Best WordPress Link Tracking SQL Injection (1.6.7)
SH Slideshow 'ajax.php' SQL Injection (3.1.4)
Side Menu-add fixed side buttons SQL Injection (3.1.3) CVE-2021-24348
Side Menu Lite-add sticky fixed buttons SQL Injection (2.2) CVE-2021-24521
Side Menu Lite-add sticky fixed buttons SQL Injection (2.2.1)
Side Menu Lite-add sticky fixed buttons SQL Injection (2.2.5) CVE-2021-24580
Simple:Press 'sf-header-forum.php' SQL Injection (4.3.0)
Simple Ads Manager SQL Injection (2.9.4.116)
Simple Ajax Shoutbox SQL Injection (2.2.1)
Simple Events Calendar SQL Injection (1.3.5)
Simple Events Calendar SQL Injection (1.4.0) CVE-2021-24552
Simple Login Log SQL Injection (1.1.1)
Simple Membership SQL Injection (4.0.3) CVE-2021-29232
Simple Personal Message SQL Injection (1.0.3)
Simple Photo Gallery SQL Injection (1.7.9)
Simple Retail Menus SQL Injection (4.0.1) CVE-2014-5183
Simply Poll SQL Injection (1.4.1)
Slider by 10Web-Responsive Image Slider SQL Injection (1.2.35) CVE-2021-24132
Slider Hero with Animation, Video Background SQL Injection (8.2.6) CVE-2021-24506
Slimstat Analytics SQL Injection (3.9.5)
Smart Manager for WooCommerce & WPeC SQL Injection (3.9.6)
Smooth Slider SQL Injection (2.6.5)
Smooth Slider SQL Injection (2.8.6) CVE-2018-5373
SMTP Mail SQL Injection (1.2.1)
Social Slider 'rA[]' Parameter SQL Injection (5.6.5) CVE-2011-5286
Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.148) CVE-2021-24131
Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.153.3) CVE-2021-24295
Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.185) CVE-2022-3302
Spider Calendar Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.1)
SpiderCatalog Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.4.6)
SpiderCatalog SQL Injection (1.7.3) CVE-2021-24625
Spiffy XSPF Player SQL Injection (0.1) CVE-2013-3530
SP Project & Document Manager Multiple SQL Injection Vulnerabilities (2.4.3) CVE-2014-9178
SP Project & Document Manager SQL Injection (2.5.3)
Spreadsheet (wpSS) 'ss_id' Parameter SQL Injection (0.61) CVE-2008-1982
Spreadsheet (wpSS) SQL Injection (0.62) CVE-2014-8363
SP Rental Manager SQL Injection (1.5.3) CVE-2021-38324
SQL Injection
SQL Injection (stylesheet.php) (CMS Made Simple) CVE-2007-2473
SQL Injection in Symphony CVE-2013-2559
SQL injection in the authentication header
SRS Simple Hits Counter SQL Injection (1.0.4) CVE-2020-5766
Stock in & out SQL Injection (1.0.4)
Store Locator for WordPress with Google Maps-LotsOfLocales SQL Injection (3.11) CVE-2014-8621
Store Locator for WordPress with Google Maps-LotsOfLocales SQL Injection (3.33.1)
Store Locator Plus for WordPress SQL Injection (3.8.6)
Stream SQL Injection (3.8.1) CVE-2021-24772
stripShow SQL Injection (2.5.2) CVE-2014-5184
Super CAPTCHA 'admin.php' SQL Injection (2.2.4)
Super Interactive Maps for WordPress SQL Injection (2.1)
Super Store Finder for WordPress (Google Maps Store Locator) SQL Injection (6.3)
Support Ticket System Multiple SQL Injection Vulnerabilities (1.2) CVE-2015-7670
Survey Maker-Best WordPress Survey SQL Injection (1.5.5) CVE-2021-24459
Survey Maker-Best WordPress Survey SQL Injection (3.1.1) CVE-2023-23490
Surveys SQL Injection (1.01.8) CVE-2017-1002020 CVE-2017-1002021 CVE-2017-1002022
Testimonial Slider SQL Injection (1.2.4) CVE-2018-5372
The Crawl Rate Tracker 'sbtracking-chart-data.php' SQL Injection (2.0.2)
The Sorter SQL Injection (1.0) CVE-2021-24399
Tierra's Billboard Manager SQL Injection (1.14)
Timeline Calendar SQL Injection (1.2) CVE-2021-24553
Top 10-Popular posts for WordPress SQL Injection (2.4.3)
Traffic Analyzer SQL Injection (3.4.2)
Tune Library 'letter' Parameter SQL Injection (1.5.1)
Tune Library SQL Injection (1.5.4) CVE-2015-3314
Tutor LMS-eLearning and online course solution SQL Injection (1.8.2) CVE-2021-24182 CVE-2021-24183 CVE-2021-24186
Ultimate Maps by Supsystic SQL Injection (1.1.12)
Ultimate Membership Pro SQL Injection (3.3)
Ultimate Membership Pro SQL Injection (6.4)
ULTIMATE TABLES SQL Injection (1.5)
Universal Post Manager Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.9)
Unlimited PopUps SQL Injection (4.5.3) CVE-2021-24631
UPM Polls 'PID' Parameter SQL Injection (1.0.4)
UPM Polls 'qid' Parameter SQL Injection (1.0.3)
User Control SQL Injection (2.1.0)
User Self Delete SQL Injection (1.1)
Users Ultra SQL Injection (1.3.58)
Users Ultra SQL Injection (1.4.35)
Users Ultra SQL Injection (1.5.15) CVE-2015-4109
vBulletin 4 (up to 4.1.2) search.php SQL injection
vBulletin 5.1.2 SQL injection CVE-2014-5102
vBulletin 5.6.1 nodeId SQL injection CVE-2020-12720
Video Embed SQL Injection (1.0) CVE-2021-24337
VideoWhisper Video Presentation 'c_status.php' SQL Injection (1.1)
Viral Quiz Maker-OnionBuzz SQL Injection (1.2.1) CVE-2019-14231
Viral Quiz Maker-OnionBuzz SQL Injection (1.2.6) CVE-2019-14230
Visitor Traffic Real Time Statistics SQL Injection (3.8) CVE-2021-24829
Visual Email Designer for WooCommerce SQL Injection (1.7.1) CVE-2022-3860
WA Form Builder SQL Injection (1.1)
WassUp Real Time Analytics 'spy.php' SQL Injection (1.4.3) CVE-2008-0520
WatuPRO SQL Injection (5.5.3.6) CVE-2017-9834
WCFM-Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible SQL Injection (6.5.11) CVE-2021-24835
Web Invoice-Invoicing and billing for WordPress Multiple SQL Injection Vulnerabilities (2.1.3) CVE-2022-4371 CVE-2022-4372
WebLibrarian SQL Injection (3.5.4) CVE-2019-1010034
Website FAQ 'website-faq-widget.php' SQL Injection (1.0)
Welcart e-Commerce Multiple SQL Injection Vulnerabilities (1.5.2) CVE-2015-7791
Welcart e-Commerce SQL Injection (2.0.0)
WooCommerce Blocks SQL Injection (5.5.0) CVE-2021-32789
WooCommerce SQL Injection (5.5.0) CVE-2021-32790
WordPress 'admin-ajax.php' SQL Injection Vulnerability (2.1.3) CVE-2007-2821
WordPress 'blog.header.php' Multiple SQL Injection Vulnerabilities (0.6.2 - 0.71)
WordPress 'cat' Parameter SQL Injection Vulnerability (1.5 - 1.5.1.1) CVE-2005-1810
WordPress 'comment_post_ID' Parameter SQL Injection Vulnerability (3.0.4)
WordPress 'paged' Parameter SQL Injection Vulnerability (2.0.2 - 2.0.5) CVE-2006-3389
WordPress 'wp-db.php' Character Set SQL Injection Vulnerability (2.0 - 2.3.1) CVE-2007-6318
WordPress 'wp-trackback.php' SQL Injection Vulnerability (1.5) CVE-2005-1687
WordPress 0.7 Posts SQL Injection Vulnerability (0.7) CVE-2003-1598
WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5) CVE-2007-0107
WordPress 2.0.6 'Zend_Hash_Del_Key_Or_Index' SQL Injection Vulnerability (0.6.2 - 2.0.6) CVE-2007-0233
WordPress 3.1.3 Multiple SQL Injection Vulnerabilities (3.1 - 3.1.3)
WordPress 3.7.x Possible SQL Injection Vulnerability (3.7 - 3.7.22) CVE-2017-16510
WordPress 3.8.x Possible SQL Injection Vulnerability (3.8 - 3.8.22) CVE-2017-16510
WordPress 3.9.x Possible SQL Injection Vulnerability (3.9 - 3.9.20) CVE-2017-16510
WordPress 4.0.x Possible SQL Injection Vulnerability (4.0 - 4.0.19) CVE-2017-16510
WordPress 4.1.x Possible SQL Injection Vulnerability (4.1 - 4.1.19) CVE-2017-16510
WordPress 4.2.x Possible SQL Injection Vulnerability (4.2 - 4.2.16) CVE-2017-16510
WordPress 4.3.x Possible SQL Injection Vulnerability (4.3 - 4.3.12) CVE-2017-16510
WordPress 4.4.x Possible SQL Injection Vulnerability (4.4 - 4.4.11) CVE-2017-16510
WordPress 4.5.x Possible SQL Injection Vulnerability (4.5 - 4.5.10) CVE-2017-16510
WordPress 4.6.x Possible SQL Injection Vulnerability (4.6 - 4.6.7) CVE-2017-16510
WordPress 4.7.x Possible SQL Injection Vulnerability (4.7 - 4.7.6) CVE-2017-16510
WordPress 4.8.x Possible SQL Injection Vulnerability (4.8 - 4.8.2) CVE-2017-16510
WordPress Alipay/Tenpay/PayPal SQL Injection (3.7.2) CVE-2021-24390
WordPress Clean Up & Optimizer-Clean Up Optimizer SQL Injection (3.0.13)
WordPress Facebook SQL Injection (1.0.8)
WordPress Facebook SQL Injection (1.0.13)
WordPress for Google Maps-WP MAPS SQL Injection (4.0.4)
WordPress for Google Maps-WP MAPS SQL Injection (4.1.3)
WordPress for Google Maps-WP MAPS SQL Injection (4.1.4) CVE-2021-24130
WordPress Infinite Scroll-Ajax Load More SQL Injection (5.3.1) CVE-2021-24140
WordPress Landing Pages SQL Injection (1.2.1) CVE-2013-6243
Wordpress Membership SwiftCloud.io SQL Injection (1.0) CVE-2021-24392
WordPress Meta Robots SQL Injection (2.1)
WordPress Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1 - 1.2.2)
WordPress Page Contact SQL Injection (1.0) CVE-2021-24403
WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.101)
WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.229)
WordPress Poll Multiple SQL Injection and Security Bypass Vulnerabilities (34.04) CVE-2013-1400 CVE-2013-1401
WordPress Poll Multiple SQL Injection Vulnerabilities (33.5)
Wordpress Poll SQL Injection (36) CVE-2020-24315
WordPress Possible SQL Injection Vulnerability (0.70 - 3.6.1) CVE-2017-16510
WordPress Survey & Poll-Quiz, Survey and Poll SQL Injection (1.1.91) CVE-2015-2090
WordPress User-Agent SQL Injection Vulnerability (1.5.2) CVE-2006-1012
WordPress Users 'uid' Parameter SQL Injection (1.3) CVE-2011-4669
WORDPRESS VIDEO GALLERY SQL Injection (2.0) CVE-2013-3478
WORDPRESS VIDEO GALLERY SQL Injection (2.7) CVE-2015-2065
WORDPRESS VIDEO GALLERY SQL Injection (2.8)
WordPress Video Player Multiple SQL Injection Vulnerabilities (1.5.16)
WordPress WP-Advanced-Search SQL Injection (3.3.5)
WordPress WP-Advanced-Search SQL Injection (3.3.6) CVE-2020-12104
Wordspew 'id' Parameter SQL Injection (1.16) CVE-2008-0682
Wow Forms-create any form with custom style SQL Injection (2.1)
Wow Forms-create any form with custom style SQL Injection (3.1.3) CVE-2021-24628
Wow Viral Signups SQL Injection (2.1)
wp-autosuggest SQL Injection (0.24)
WP-AutoYoutube 'index.php' Script SQL Injection (0.1)
WP-Board SQL Injection (1.1) CVE-2021-24404
WP-Cal 'id' Parameter SQL Injection (0.3) CVE-2008-0490
wp-championship SQL Injection (5.8) CVE-2015-5308
WP-Download 'dl_id' Parameter SQL Injection (1.2) CVE-2008-1646
WP-Filebase Download Manager 'base' Parameter SQL Injection (0.2.9)
WP-Forum 'forum_feed.php' SQL Injection (1.7.8)
WP-Forum 'sendmail.php' SQL Injection (1.7.8)
WP-Forum Multiple SQL Injection Vulnerabilities (1.7.8)
WP-Forum Multiple SQL Injection Vulnerabilities (2.3) CVE-2009-3703
WP-Forum SQL Injection (1.7.4) CVE-2008-0388
WP-Forum SQL Injection (2.4)
Wp-ImageZoom SQL Injection (1.0.7)
WP-Polls SQL Injection (2.61)
WP-Polls SQL Injection (2.71) CVE-2015-9352
WP-PostRatings '[ratings]' Shortcode SQL Injection (1.61) CVE-2011-4646
WP-PostRatings SQL Injection (1.83.1)
WP-Predict 'predictId' Parameter Blind SQL Injection (1.0)
WP-Property-WordPress Powered Real Estate and Property Management SQL Injection (1.36.0)
WP-RecentComments SQL Injection (2.0.7) CVE-2012-1067
WP-SpamFree Anti-Spam 'id' Parameter SQL Injection (3.2.1)
WP-StarsRateBox 'j' Parameter SQL Injection (1.1)
WP-Stats 'author' Parameter SQL Injection (2.0) CVE-2006-0238
WP-Stats-Dashboard SQL Injection (2.9.4)
WP-Testimonials SQL Injection (3.4.1) CVE-2017-9418
WP-TopBar SQL Injection (5.36) CVE-2023-23824
WP Activity Log SQL Injection (4.1.4)
WP Airbnb Review Slider SQL Injection (3.2) CVE-2023-0262
WP Athletics SQL Injection (1.1.7)
WP Auctions 'wpa_id' Parameter SQL Injection (1.8.8)
wp audio gallery playlist 'playlist.php' SQL Injection (0.12)
WP AutoComplete Search SQL Injection (1.0.4) CVE-2022-4297
WP Bannerize 'ajax_clickcounter.php' SQL Injection (2.8.6)
WP Bannerize 'ajax_sorter.php' SQL Injection (2.8.7)
WP Bannerize SQL Injection (4.0.2) CVE-2021-39351
WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots SQL Injection (6.59)
WP Business Intelligence Lite SQL Injection (1.6.1)
WP Coder-add custom html, css and js code SQL Injection (2.5.3) CVE-2023-0895
WP Comment Remix SQL Injection and HTML Injection Vulnerabilities (1.4.3)
WP CSV Exporter SQL Injection (1.3.6) CVE-2022-3249
Wp custom slider SQL Injection (1.6.2)
WP Data Access SQL Injection (4.3.1) CVE-2021-24866
wpDataTables-WordPress Tables & Table Charts Premium SQL Injection (3.4) CVE-2021-26754
wpDataTables-WordPress Tables & Table Charts SQL Injection (1.5.3) CVE-2014-9175
WP Domain Redirect SQL Injection (1.0) CVE-2021-24401
WP DS FAQ 'ajax.php' SQL Injection (1.3.2)
WP eCommerce 'collected_data[]' SQL Injection (3.8.4)
WP eCommerce 'cs1' Parameter SQL Injection (3.8.6)
WP eCommerce 'wpsc-transaction_results_functions.php' SQL Injection (3.8.7.5) CVE-2012-5310
WP eCommerce Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (3.8.9)
WP eCommerce SQL Injection (3.11.3)
WP Editor SQL Injection (1.2.6.3) CVE-2021-24151
WP Email Users SQL Injection (1.4.3)
WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2)
WP Events Calendar SQL Injection (1.0) CVE-2018-5315
WP Fastest Cache SQL Injection (0.8.4.8)
WP Fastest Cache SQL Injection (0.8.7.4)
wpForo Forum SQL Injection (1.4.9) CVE-2018-11515
WP Forum Server 'edit_post_id' Parameter SQL Injection (1.7) CVE-2012-6625
WP Forum Server Cross-Site Scripting and SQL Injection Vulnerabilities (1.7.3) CVE-2012-6622 CVE-2012-6623 CVE-2012-6625
WP Forum Server Multiple SQL Injection (1.6.5) CVE-2011-1047
WP Glossary 'ajax.php' SQL Injection (0.1)
WP Google Maps SQL Injection (7.11.17) CVE-2019-10692
WP Google Review Slider SQL Injection (6.1)
WP Google Review Slider SQL Injection (11.7) CVE-2023-0259
WP iCommerce-the first interactive ecommerce for wordpress SQL Injection (1.1.1) CVE-2021-24402
WPJobBoard SQL Injection (5.6.4)
WP Jobs SQL Injection (1.4) CVE-2017-9603
WP Limit Login Attempts SQL Injection (2.0.0) CVE-2015-6829
Wp Multiple Meta Box SQL Injection (1.0.0)
WP People 'wp-people-popup.php' SQL Injection (2.0)
WP Photo Album 'photo' Parameter SQL Injection (1.0) CVE-2008-0939
WP Photo Album Plus 'wppa-album' Parameter SQL Injection (4.1.1)
WP Post Page Clone SQL Injection (1.0)
WP Private Messages SQL Injection (1.0.1)
WP PRO Advertising System-All In One Ad Manager SQL Injection (4.6.18)
WP Reroute Email SQL Injection (1.4.6) CVE-2023-27605
WP Review Slider SQL Injection (10.9) CVE-2022-0383
WP Review Slider SQL Injection (12.1) CVE-2023-0260
WP RSS By Publishers Multiple SQL Injection Vulnerabilities (0.1) CVE-2022-4358 CVE-2022-4359 CVE-2022-4360
WP Rss Poster SQL Injection (1.0.0) CVE-2014-4938
WP Session Manager SQL Injection (1.2.1)
WP Shop Multiple SQL Injection Vulnerabilities (3.4.3.15)
WP Simple Booking Calendar SQL Injection (2.0.6)
WP Statistics SQL Injection (9.4)
WP Statistics SQL Injection (12.0.7)
WP Statistics SQL Injection (12.6.6.1) CVE-2019-13275
WP Statistics SQL Injection (13.0.7) CVE-2021-24340
WP Statistics SQL Injection (13.1.4) CVE-2022-0513
WP Statistics SQL Injection (13.2.8) CVE-2022-4230
WP Support Plus Responsive Ticket System SQL Injection (7.1.4)
WP Symposium 'get_profile_avatar.php' SQL Injection (0.64)
WP Symposium A Social Network For WordPress Multiple SQL Injection Vulnerabilities (12.06.16)
WP Symposium Multiple SQL Injection Vulnerabilities (12.09)
WP Symposium SQL Injection (15.1) CVE-2015-3325
WP Symposium SQL Injection (15.5.1)
WP TripAdvisor Review Slider SQL Injection (10.7) CVE-2023-0261
WP Ultimate Exporter SQL Injection (1.1)
WP Visitor Statistics (Real Time Traffic) SQL Injection (4.7) CVE-2021-24750
WP Visitor Statistics (Real Time Traffic) SQL Injection (5.5) CVE-2022-0410
WP Visitor Statistics (Real Time Traffic) SQL Injection (5.7) CVE-2022-33965
WP Visitor Statistics (Real Time Traffic) SQL Injection (6.8.1) CVE-2023-0600
WP Yelp Review Slider SQL Injection (7.0) CVE-2023-0263
WR ContactForm SQL Injection (1.1.9)
WTI Like Post SQL Injection (1.4.2)
Xllentech English Islamic Calendar SQL Injection (2.6.7) CVE-2021-24341
Xtreme Locator Dealer Locator SQL Injection (1.5)
YARPP-Yet Another Related Posts SQL Injection (5.30.2) CVE-2023-0579
Yasr-Yet Another Stars Rating SQL Injection (0.9.0)
YAWPP (Yet Another WordPress Petition Plugin) SQL Injection (1.2) CVE-2014-5182
Yes/No Chart SQL Injection (1.0.11) CVE-2021-24360
YITH WooCommerce Wishlist SQL Injection (2.1.2)
Yoast SEO SQL Injection (1.7.3.3) CVE-2015-2292
yolink Search for WordPress 'bulkcrawl.php' SQL Injection (1.1.4)
Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress SQL Injection (1.1.9) CVE-2022-1950
Z-Vote 'zvote' Parameter SQL Injection (1.1)
Zabbix 2.0.8 SQL injection CVE-2013-5743
Zero Spam SQL Injection (2.1.2)
Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7)
Zingiri Web Shop Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (2.3.5)
ZM Gallery SQL Injection (1.0)
Zotpress 'zotpress.rss.php' SQL Injection (4.4)
Zotpress SQL Injection (6.1.2) CVE-2016-1000217