Wordfence Intelligence

Title	CVE ID	CVSS	Vector	Date
Easy Team Manager <= 1.3.2 - SQL Injection	CVE-2017-1002023	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 24, 2017
Surveys 1.01.8 - Authenticated SQL Injection	CVE-2017-1002020	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 21, 2017
Surveys <= 1.01.8 - SQL Injection	CVE-2017-1002021	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 21, 2017
SpiderCalendar <= 1.5.51 - SQL Injection	CVE-2017-7719	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 10, 2017
Image Gallery with Slideshow Plugin <= 1.5.2 - SQL Injection via gid	CVE-2017-1002012	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 1, 2017
Image Gallery with Slideshow Plugin <= 1.5.2 - Blind SQL Injection via imgid	CVE-2017-1002013	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 1, 2017
Image Gallery with Slideshow <= 1.5.2 - SQL Injection via selectMulGallery	CVE-2017-1002015	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 1, 2017
Image Gallery with Slideshow <= 1.5.2 - SQL Injection via gallery_name	CVE-2017-1002014	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	April 1, 2017
Search Everything <= 8.1.6 - SQL Injection	CVE-2017-18571	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 20, 2017
Membership Simplified <= 1.58 - SQL Injection	CVE-2017-1002009	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 17, 2017
PICA Photo Gallery <= 1.0 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 9, 2017
DTracker <= 1.5 - SQL Injection	CVE-2017-1002005	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 8, 2017
DTracker <= 1.5 - SQL Injection	CVE-2017-1002004	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	March 8, 2017
Mail Masta <= 1.0 - SQL Injection via list_id parameter	CVE-2017-6095	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 18, 2017
Note Press < 0.1.2 - SQL Injection	CVE-2017-18548	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	February 6, 2017
WA Form Builder <= 1.1 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	December 5, 2016
Product Catalog 8 <= 1.2.0 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	November 28, 2016
Olimometer < 2.57 - SQL Injection	CVE-2016-10904	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	November 22, 2016
BBS e-Franchise < 1.1.4 - SQL Injection		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	November 17, 2016
NextGEN Gallery <= 2.1.56 - Authenticated Local File Inclusion & SQL injection	CVE-2016-10889	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	November 15, 2016

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation

Vulnerabilities protected by our SQL Injection firewall rule

Showing 321-340 of 1,444 Vulnerabilities