Vulnerabilities protected by our SQL Injection firewall rule

1,499,606
Attacks Blocked in Past 24 Hours

Showing 1001-1020 of 1,444 Vulnerabilities

Title CVE ID CVSS Vector Date
PublishPress Capabilities <= 1.5.8 - Authenticated SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H June 20, 2018
Quick Chat <= 4.14 - SQL Injection CVE-2019-1010104 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H June 12, 2018
Pie Register <= 3.0.9 - SQL Injection CVE-2018-10969 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H June 12, 2018
wpForo Forum <= 1.4.12 - SQL Injection CVE-2018-11515 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 27, 2018
Membermouse <= 2.2.8 - Blind SQL Injection CVE-2018-11309 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H May 27, 2018
Relevanssi <= 3.6.0 - Authenticated (Admin+) SQL Injection 8.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N April 10, 2018
Custom Permalinks <= 1.1 - Authenticated SQL Injection 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N February 26, 2018
WP Support Plus Responsive Ticket System <= 9.0.2 - SQL Injection CVE-2018-1000131 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H February 25, 2018
WP Fastest Cache <= 0.8.7.4 - SQL Injection 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L February 22, 2018
Image Slider <= 1.1.95 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2018
User Control <= 2.1.0 - SQL Injection 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 28, 2018
YITH WooCommerce Wishlist <= 2.1.2 - SQL Injection 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N January 16, 2018
Dbox 3D Slider Lite <= 1.2.2 - SQL Injection CVE-2018-5374 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 11, 2018
Testimonial Slider < 1.2.5 - SQL Injection CVE-2018-5372 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 10, 2018
Smooth Slider < 2.8.7 - Authenticated SQL Injection CVE-2018-5373 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H January 10, 2018
WP Events Calendar Plugin <= 1.0 - SQL Injection CVE-2018-5315 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 9, 2018
WP Job Board <= 4.4.4 - SQL Injection CVE-2018-5695 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H January 6, 2018
Smart Google Code Inserter < 3.5 - Unauthenticated SQL Injection CVE-2018-3811 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H January 1, 2018
Top 10 – Popular posts plugin for WordPress <= 2.4.3 - SQL Injection 7.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L December 13, 2017
RegistrationMagic - Custom Registration Forms <= 3.8.0.4 - SQL Injection 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H December 10, 2017

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation