Vulnerabilities protected by our SQL Injection firewall rule

1,482,313
Attacks Blocked in Past 24 Hours

Showing 941-960 of 1,444 Vulnerabilities

Title CVE ID CVSS Vector Date
Custom Searchable Data Entry System <= 1.7.1 - SQL Injection CVE-2020-10817 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H March 27, 2020
All Import Pro Plugin < 4.1.2 - SQL injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H March 19, 2020
Import any XML or CSV File to WordPress <= 3.2.4 - SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H February 19, 2020
RegistrationMagic - Custom Registration Forms, User Registration and User Login Plugin <= 4.6.0.2 - SQL Injection CVE-2020-8435 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H February 13, 2020
Participants Database <= 1.9.5.5 - SQL Injection CVE-2020-8596 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H February 10, 2020
Email Subscribers & Newsletters < 4.3.1 - Unauthenticated Blind SQL Injection CVE-2019-20361 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L November 13, 2019
Groundhogg <= 1.3.11.13 - SQL Injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H October 23, 2019
Sliced Invoices < 3.8.4 - Authenticated SQL Injection CVE-2020-20625 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N October 17, 2019
wpDataTables Lite plugin <= 2.0.11 - SQL injection CVE-2019-6012 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 16, 2019
Contact Form Widget – Contact Query, Contact Page, Form Maker, Query Table <= 1.3.8 - Authenticated (Admin+) SQL Injection CVE-2019-17072 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H October 10, 2019
Event Espresso Free/Lite <= 3.1.37.12.L - Unauthenticated SQL Injection CVE-2017-14760 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 30, 2019
SlickQuiz <= 1.3.7.1 - Authenticated SQL Injection CVE-2019-12516 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 10, 2019
Photo Gallery by 10Web <= 1.5.34 - SQL Injection CVE-2019-16119 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 8, 2019
Selio - Real Estate Directory <= 1.1 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 8, 2019
NextGEN Gallery <= 3.2.10 - SQL Injection CVE-2019-14314 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H August 27, 2019
WP-Polls <= 2.71 - SQL Injection CVE-2015-9352 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H August 26, 2019
All In One WP Security & Firewall <= 4.0.8 - SQL Injection CVE-2016-10887 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H August 14, 2019
GiveWP - Donation Plugin and Fundraising Platform <= 2.5.0 - SQL Injection CVE-2019-13578 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H August 12, 2019
Popup Builder <= 3.44 - SQL Injection CVE-2019-14695 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H August 6, 2019
JoomSport – for Sports: Team & League, Football, Hockey & more < 3.4 - SQL Injection CVE-2019-14348 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H July 29, 2019

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation