Vulnerabilities protected by our SQL Injection firewall rule

1,512,521
Attacks Blocked in Past 24 Hours

Showing 1021-1040 of 1,444 Vulnerabilities

Title CVE ID CVSS Vector Date
InLinks <= 1.1 - Authenticated SQL Injection CVE-2017-16955 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H November 22, 2017
Formidable Form Builder < 2.05.03 - SQL Injection 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N November 13, 2017
bbPress < 2.5.13 - Unauthenticated Blind SQL Injection 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L November 13, 2017
JTRT Responsive Tables < 4.1.2 - SQL Injection CVE-2017-18597 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H November 3, 2017
WP Events <= 2.3.4 - SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 3, 2017
Simple Events Calendar < 1.3.6 - Authenticated (Admin+) SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H November 3, 2017
WordPress Core < 4.8.3 - SQL Injection due to Double Prepare approach CVE-2017-16510 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 31, 2017
Ultimate Form Builder Lite <= 1.3.6 - SQL Injection to PHP Object Injection CVE-2017-15919 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 23, 2017
Simple Login Log < 1.1.2 - SQL Injection CVE-2017-18514 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 10, 2017
Simple Login Log < 1.1.2 - SQL Injection CVE-2017-18573 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H October 10, 2017
Content Timeline <= 4.4.2 - SQL Injection CVE-2017-14507 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 26, 2017
Mojoomla School Management System (Unspecified Version) - Authenticated (Student+) SQL Injection CVE-2017-14843 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 26, 2017
Mojoomla Hospital Management System for WordPress Theme < 22-05-2018 - SQL Injection CVE-2017-14846 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 26, 2017
WPGYM - Wordpress Gym Management System (Unknown Version) - SQL Injection CVE-2017-14844 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 26, 2017
WPAMS - Apartment Management System for wordpress Theme < 17-07-2019 - SQL Injection CVE-2017-14847 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 26, 2017
SMSmaster – Multipurpose SMS Gateway for Wordpress (All Versions) - Authenticated SQL Injection CVE-2017-14842 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 26, 2017
Gallery – Image and Video Gallery with Thumbnails < 1.2.1 - SQL Injection CVE-2017-14125 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 22, 2017
WordPress Core < 4.8.2 - SQL Injection via Mishandled Placeholders CVE-2017-14723 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H September 19, 2017
Active Directory Integration <= 1.1.8 - Authenticated (Admin+) SQL Injection 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H September 11, 2017
WPHRM - Human Resource Management System < 1.1 - SQL Injection CVE-2017-14848 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H September 9, 2017

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation