Vulnerabilities protected by our SQL Injection firewall rule

1,415,065
Attacks Blocked in Past 24 Hours

Showing 441-460 of 1,444 Vulnerabilities

Title CVE ID CVSS Vector Date
Order Your Posts Manually <= 2.2.5 - Authenticated (Administrator+) SQL Injection via 'sortdata' CVE-2023-32508 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 10, 2023
AP Pricing Tables Lite <= 1.1.6 - Authenticated (Admin+) SQL Injection CVE-2023-0900 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 10, 2023
Ultimate Addons for Contact Form 7 <= 3.1.23 - Unauthenticated SQL Injection via form_id CVE-2022-47586 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 9, 2023
Zero Spam <= 5.4.4 - Authenticated (Administrator+) SQL Injection CVE-2023-32121 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 9, 2023
Zero Spam for WordPress <= 5.4.4 - Authenticated(Administrator+) SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 8, 2023
Cryptocurrency Donation Box – Bitcoin & Crypto Donations <= 2.2.7 - Authenticated (Administrator+) SQL Injection CVE-2023-32128 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 5, 2023
CM Pop-Up banners <= 1.5.10 - Authenticated (Subscriber+) SQL Injection via getStatistics CVE-2023-30750 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H May 3, 2023
HollerBox <= 2.1.3 - Authenticated (edit_popups+) SQL Injection CVE-2023-2111 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H May 2, 2023
Easy Bet <= 1.0.7 - Authenticated(Contributor+) SQL Injection CVE-2023-31092 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H April 26, 2023
Custom 404 Pro <= 3.8.0 - Unauthenticated SQL Injection via 's' CVE-2023-2032 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 25, 2023
YARPP - Yet Another Related Posts Plugin <= 5.30.2 - Authenticated (Subscriber+) SQL Injection via Shortcode CVE-2023-0579 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H April 25, 2023
Custom 404 Pro <= 3.7.2 - Unauthenticated SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 25, 2023
Elementor <= 3.12.1 - Authenticated(Administrator+) SQL Injection via 'replace_urls' CVE-2023-0329 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H April 24, 2023
BSK Forms Blacklist <= 3.6.2 - Authenticated (Administrator+) SQL Injection via 'order' and 'orderby' CVE-2023-30872 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H April 24, 2023
Ultimate Addons for Contact Form 7 <= 3.1.23 - Authenticated (Subscriber+) SQL Injection via id CVE-2023-30495 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H April 24, 2023
WP Visitor Statistics (Real Time Traffic) <= 6.8.1 - Unauthenticated SQL Injection CVE-2023-0600 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H April 24, 2023
HTTP Headers <= 1.18.8 - Authenticated(Administrator+) SQL Injection CVE-2023-1207 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H April 24, 2023
Accessibility Suite by Online ADA <= 4.12 - Authenticated (Subscriber+) SQL Injection CVE-2022-47420 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H April 19, 2023
Booking calendar, Appointment Booking System <= 3.2.6 - Authenticated (Administrator+) SQL Injection via *_selected CVE-2022-47428 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H April 19, 2023
ReviewX – Multi-criteria Rating & Reviews for WooCommerce <= 1.6.8 - Authenticated (Subscriber+) SQL Injection CVE-2023-26325 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H April 19, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation