The CBX Petition for WordPress plugin through 1.0.3 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL...
9.8CVSS
9.8AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module 6.x-1.x before 6.x-1.3 for Drupal allows remote authenticated users with the "create petition" permission to inject arbitrary web script or HTML via unknown...
5.4AI Score
0.001EPSS
SQL injection vulnerability in getin.php in WEBBDOMAIN Petition 1.02, 2.0, and 3.0 allows remote attackers to execute arbitrary SQL commands via the username...
9.3AI Score
0.001EPSS