Vulnerabilities protected by our SQL Injection firewall rule

1,499,606
Attacks Blocked in Past 24 Hours

Showing 1001-1020 of 1,444 Vulnerabilities

Boost Your Blog's Engagement with WP Post Author <= 3.8.1 - Authenticated (Administrator+) SQL Injection
7.2
CVE-2024-8757
Oct 11, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection
7.2
CVE-2023-3416
Aug 16, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Tutor LMS <= 2.7.2 - Authenticated (Administrator+) SQL Injection
7.2
CVE-2024-43282
Aug 16, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection
7.2
CVE-2023-3419
Aug 16, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Tutor LMS – eLearning and online course solution <= 2.7.1 -Authenticated (Administrator+) SQL Injection
7.2
CVE-2024-4902
Jun 6, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Search & Replace <= 3.2.1 - Authenticated (Administrator+) SQL injection
7.2
CVE-2024-4145
May 23, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (AccountingManager+) SQL Injection
7.2
CVE-2024-1173
May 1, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WP SMTP 1.2 - 1.2.6 - Authenticated (Admin+) SQL Injection
7.2
CVE-2024-1789
Apr 25, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WooCommerce Google Feed Manager <= 2.4.2 - Authenticated (Admin+) SQL Injection to Reflected Cross-Site Scripting
7.2
CVE-2024-3067
Apr 15, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WP Advanced Search <= 1.1.6 - Authenticated (Administrator+) SQL Injection
7.2
CVE-2024-3265
Apr 4, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WP ERP <= 1.12.9 - Authenticated (AccountingManager+) SQL Injection
7.2
CVE-2024-0956
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WP ERP <= 1.12.9 - Authenticated (Accounting Manager+) SQL Injection
7.2
CVE-2024-0913
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WordPress Announcement & Notification Banner Plugin – Bulletin <= 3.8.5 - Authenticated (Administrator+) SQL Injection
7.2
CVE-2024-30478
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Falang multilanguage <= 1.3.47 - Authenticated (Administrator+) SQL Injection
7.2
CVE-2024-30495
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WP ERP <= 1.12.9 - Authenticated (Accounting Manager+) SQL Injection via id
7.2
CVE-2024-0952
Mar 28, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
WordPress Action Network 1.4.3 -Authentcated (Admin+) SQL Injection
7.2
CVE-2024-2954
Mar 26, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Avada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entry
7.2
CVE-2024-2344
Mar 20, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth By AWeber <= 7.3.14 - Authenticated (Admin+) SQL Injection
7.2
CVE-2024-1793
Feb 29, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Smart Manager - WooCommerce Advanced Bulk Edit, Inventory Management & more... <= 8.27.0 - Authenticated (Admin+) SQL Injection
7.2
CVE-2024-0566
Jan 18, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Burst Statistics Really Simple Plugins <= 1.5.3 - Authenticated (Editor+) SQL Injection
7.2
CVE-2024-0405
Jan 16, 2024
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Title CVE ID CVSS Vector Date
Boost Your Blog's Engagement with WP Post Author <= 3.8.1 - Authenticated (Administrator+) SQL Injection CVE-2024-8757 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H October 11, 2024
tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection CVE-2023-3416 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H August 16, 2024
Tutor LMS <= 2.7.2 - Authenticated (Administrator+) SQL Injection CVE-2024-43282 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H August 16, 2024
tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection CVE-2023-3419 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H August 16, 2024
Tutor LMS – eLearning and online course solution <= 2.7.1 -Authenticated (Administrator+) SQL Injection CVE-2024-4902 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H June 6, 2024
Search & Replace <= 3.2.1 - Authenticated (Administrator+) SQL injection CVE-2024-4145 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 23, 2024
WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting <= 1.13.1 - Authenticated (AccountingManager+) SQL Injection CVE-2024-1173 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H May 1, 2024
WP SMTP 1.2 - 1.2.6 - Authenticated (Admin+) SQL Injection CVE-2024-1789 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H April 25, 2024
WooCommerce Google Feed Manager <= 2.4.2 - Authenticated (Admin+) SQL Injection to Reflected Cross-Site Scripting CVE-2024-3067 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H April 15, 2024
WP Advanced Search <= 1.1.6 - Authenticated (Administrator+) SQL Injection CVE-2024-3265 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H April 4, 2024
WP ERP <= 1.12.9 - Authenticated (AccountingManager+) SQL Injection CVE-2024-0956 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H March 28, 2024
WP ERP <= 1.12.9 - Authenticated (Accounting Manager+) SQL Injection CVE-2024-0913 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H March 28, 2024
WordPress Announcement & Notification Banner Plugin – Bulletin <= 3.8.5 - Authenticated (Administrator+) SQL Injection CVE-2024-30478 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H March 28, 2024
Falang multilanguage <= 1.3.47 - Authenticated (Administrator+) SQL Injection CVE-2024-30495 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H March 28, 2024
WP ERP <= 1.12.9 - Authenticated (Accounting Manager+) SQL Injection via id CVE-2024-0952 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H March 28, 2024
WordPress Action Network 1.4.3 -Authentcated (Admin+) SQL Injection CVE-2024-2954 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H March 26, 2024
Avada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entry CVE-2024-2344 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H March 20, 2024
AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth By AWeber <= 7.3.14 - Authenticated (Admin+) SQL Injection CVE-2024-1793 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H February 29, 2024
Smart Manager - WooCommerce Advanced Bulk Edit, Inventory Management & more... <= 8.27.0 - Authenticated (Admin+) SQL Injection CVE-2024-0566 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H January 18, 2024
Burst Statistics Really Simple Plugins <= 1.5.3 - Authenticated (Editor+) SQL Injection CVE-2024-0405 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H January 16, 2024

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation