Vulnerabilities protected by our SQL Injection firewall rule

1,483,524
Attacks Blocked in Past 24 Hours

Showing 341-360 of 1,444 Vulnerabilities

Title CVE ID CVSS Vector Date
Message ticker <= 9.2 - Authenticated (Subscriber+) SQL Injection via Shortcode CVE-2023-5433 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 30, 2023
Booking Calendar WpDevArt <= 3.2.11 - Authenticated (Admin+) SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 29, 2023
Mail logging - WP Mail Catcher <= 2.1.3 - Authenticated (Admin+) SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 29, 2023
ImageLinks <= 1.5.4 - Authenticated (Admin+) SQL Injection CVE-2023-46823 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 29, 2023
GD Security Headers <= 1.7 - Authenticated (Admin+) SQL Injection CVE-2023-46821 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 29, 2023
Article Analytics <= 1.0 - Unauthenticated SQL Injection CVE-2023-5640 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 27, 2023
LogDash Activity Log <= 1.1.3 - Unauthenticated SQL Injection CVE-2023-6030 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 26, 2023
WP Hotel Booking <= 2.0.7 - Unauthenticated SQL Injection CVE-2023-5652 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 26, 2023
404 Solution <= 2.33.2 - Authenticated (Administrator+) SQL Injection via orderby 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 23, 2023
Advanced Local Pickup for WooCommerce <= 1.5.5 - Authenticated (Administrator+) SQL Injection CVE-2023-2841 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 21, 2023
iPanorama 360 – WordPress Virtual Tour Builder <= 1.8.0 - Authenticated (Contributor+) SQL Injection via Shortcode CVE-2023-5336 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 18, 2023
GeoDirectory <= 2.3.28 - Authenticated (Administrator+) SQL Injection via orderby 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 18, 2023
Icons Font Loader <= 1.1.2 - Authenticated (Subscriber+) SQL Injection CVE-2023-46084 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 16, 2023
History Log by click5 <= 1.0.12 - Authenticated(Administrator+) Time-Based Blind SQL Injection CVE-2023-5082 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H October 15, 2023
Accessibility Suite by Online ADA <= 4.12 - Authenticated (Subscriber+) SQL Injection CVE-2023-45830 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 13, 2023
Nexter <= 2.0.3 - Authenticated (Subscriber+) SQL Injection via 'to' and 'from' CVE-2023-45657 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 12, 2023
AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response CVE-2023-5204 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 11, 2023
Contact Form Generator <= 2.7.1 - Authenticated (Contributor+) SQL Injection CVE-2023-35911 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 9, 2023
Video Gallery – YouTube Gallery <= 2.1.4 - Authenticated (Administrator+) SQL Injection CVE-2023-45069 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 3, 2023
MStore API <= 4.0.6 - Authenticated (Subscriber+) SQL Injection CVE-2023-45055 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 3, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation