Vulnerabilities protected by our SQL Injection firewall rule

1,482,891
Attacks Blocked in Past 24 Hours

Showing 1-20 of 1,444 Vulnerabilities

Title CVE ID CVSS Vector Date
Tutor LMS <= 2.7.6 - Unauthenticated SQL Injection via rating_filter CVE-2024-10400 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N November 20, 2024
MStore API <= 4.15.7 - Authenticated (Subscriber+) SQL Injection CVE-2024-11179 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N November 19, 2024
Login using WordPress Users ( WP as SAML IDP ) <= 1.15.6 - Authenticated (Administrator+) SQL Injection CVE-2024-9887 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 15, 2024
Blogger 301 Redirect <= 2.5.3 - Unauthenticated SQL Injection via br CVE-2024-10645 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N November 15, 2024
WordPress Video Robot - The Ultimate Video Importer <= 1.20.0 - Unauthenticated SQL Injection CVE-2024-52431 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N November 15, 2024
Premium Packages <= 5.9.3 - Authenticated (Administrator+) SQL Injection CVE-2024-52435 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N November 15, 2024
Post SMTP <= 2.9.9 - Authenticated (Administrator+) SQL Injection CVE-2024-52436 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N November 15, 2024
WP Contest <= 1.0.0 - Authenticated (Contributor+) SQL Injection CVE-2024-51837 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N November 8, 2024
Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons <= 24.0.3 - Unauthenticated SQL Injection CVE-2024-10687 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H November 4, 2024
Appointment Booking Calendar Plugin and Scheduling Plugin – BookingPress <= 1.1.16 - Authenticated (Subscriber+) SQL Injection CVE-2024-10540 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N November 1, 2024
BetterLinks <= 2.1.7 - Authenticated (Administrator+) SQL Injection CVE-2024-51672 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N November 1, 2024
Quran Shortcode <= 1.5 - Authenticated (Contributor+) SQL Injection CVE-2024-51625 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Simple Job Manager <= 1.1 - Authenticated (Contributor+) SQL Injection CVE-2024-51602 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Woocommerce Quote Calculator <= 1.1 - Authenticated (Contributor+) SQL Injection CVE-2024-51626 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Golf Tracker <= 0.7 - Authenticated (Contributor+) SQL Injection CVE-2024-51607 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Website price calculator <= 4.1 - Authenticated (Contributor+) SQL Injection CVE-2024-51601 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Market 360 Viewer <= 1.01 - Authenticated (Contributor+) SQL Injection CVE-2024-51619 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
5 Stars Rating Funnel <= 1.4.01 - Authenticated (Contributor+) SQL Injection CVE-2024-51579 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
AmaDiscount <= 1.0 - Authenticated (Contributor+) SQL Injection CVE-2024-51608 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024
Blrt WP Embed <= 1.6.9 - Authenticated (Contributor+) SQL Injection CVE-2024-51606 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N October 31, 2024

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation