Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 5 hours ago5 views

CVE-2017-20244

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS
Exploits0References5
CVE
CVEadded 7 hours ago9 views

CVE-2017-20244

CVE-2017-20244 affects Wow Forms WordPress Plugin version 2.1. The vulnerability is an SQL injection in admin-ajax.php handling the send_mwp_form action, exploitable via an unescaped POST parameter mwpformid, allowing unauthenticated attackers to read arbitrary database information. Reported CVSS...

8.8CVSS5.8AI score
Exploits0References5
Vulnrichment
Vulnrichmentadded 7 hours ago5 views

CVE-2017-20244 Wow Forms WordPress Plugin 2.1 SQL Injection

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS5.8AI score
Exploits0References5
EUVD
EUVDadded 7 hours ago5 views

EUVD-2017-18970

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS5.8AI score
Exploits0References5
Positive Technologies
Positive Technologiesadded 19 hours ago5 views

PT-2026-47767

Wow Forms WordPress Plugin version 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to read arbitrary database information by exploiting an unescaped POST parameter. Attackers can inject SQL code through the 'mwpformid' parameter in requests to the admin-ajax.php...

8.8CVSS5.8AI score
Exploits0References6
RedhatCVE
RedhatCVEadded 2025/05/22 7:23 p.m.4 views

CVE-2021-24628

The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection...

7.2CVSS6.9AI score0.00972EPSS
Exploits2References1
OSV
OSVadded 2021/11/08 6:15 p.m.2 views

CVE-2021-24628

The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection...

7.2CVSS5.8AI score0.00972EPSS
Exploits2References2
CNNVD
CNNVDadded 2021/11/08 12:0 a.m.1 views

WordPress SQL注入漏洞

WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress Wow Forms plugin in version 3.1.3 and earlier, which stems fr...

7.2CVSS6.1AI score0.00972EPSS
Exploits2References3
Rows per page
Query Builder