208 matches found

Patchstack (added 2022/05/12 12:00 a.m., 15 views)

WordPress Five Minute Webshop plugin <= 1.3.2 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection (SQLi) vulnerability was discovered by Daniel Krohmer (Fraunhofer IESE, Germany) and Shi Chen (University of Kaiserslautern, Germany) in the WordPress Five Minute Webshop plugin versions <= 1.3.2. Solution: Deactivate and delete. This plugin has been closed as of May 12, 2022...

CVSS 4, AI score 1.8, EPSS 0.00198
Exploits: 2, References: 3, Affected Software: 1
OSV (added 2022/04/28 5:15 p.m., 1 view)

CVE-2022-29410

Authenticated SQL Injection (SQLi) vulnerability in Mufeng's Hermit 音乐播放器 plugin <= 3.1.6 on WordPress allows attackers with Subscriber or higher user roles to execute an SQLi attack via &ids...

CVSS 8.8, AI score 5.9, EPSS 0.00336
Exploits: 0, References: 2
Patchstack (added 2022/01/12 12:00 a.m., 19 views)

WordPress Download Manager plugin <= 3.2.33 - Authenticated SQL injection (SQLi) vulnerability to Reflected XSS vulnerability

Authenticated SQL injection (SQLi) vulnerability to Reflected XSS vulnerability discovered by Krzysztof Zając in WordPress Download Manager plugin versions <= 3.2.33. Solution: Update the WordPress Download Manager plugin to the latest available version (at least 3.2.34)...

CVSS 8.8, AI score 3.5, EPSS 0.00666
Exploits: 2, References: 3, Affected Software: 1
WPVulnDB (added 2021/12/14 12:00 a.m., 44 views)

All In One SEO < 4.1.5.3 - Authenticated SQL Injection

The plugin is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attackers access to privileged information from the affected site's database (e.g., usernames and hashed passwords)...

CVSS 6.5, AI score 2.9, EPSS 0.00792
Exploits: 1, References: 2, Affected Software: 1
VulnCheck KEV (added 2021/12/14 12:00 a.m., 0 views)

VulnCheck KEV: CVE-2021-25037

The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attackers access to privileged information from the affected site's database (e.g., usernames and...

CVSS 6.5, AI score 6.7, EPSS 0.00792
Exploits: 1, References: 1
WPVulnDB (added 2021/11/29 12:00 a.m., 13 views)

MOLIE <= 0.5 - Authenticated SQL Injection

The plugin does not validate and escape a post parameter before using it in a SQL statement, leading to an SQL Injection. PoC: https://example.com/wp-admin/post.php?post=validpostid+and+SLEEP%285%29=edit https://example.com/wp-admin/admin-post.php?action=edit=1+and+SLEEP%285%29...

CVSS 9.8, AI score 0.9, EPSS 0.00513
Exploits: 2, Affected Software: 1
Cvelist (added 2021/11/08 5:34 p.m., 14 views)

CVE-2021-24627 G Auto-Hyperlink <= 1.0.1 - Admin+ SQL Injection

The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection...

AI score 7.4, EPSS 0.25395
Exploits: 2, References: 2
CVE (added 2021/11/08 5:34 p.m., 69 views)

CVE-2021-24627

The CVE-2021-24627 entry concerns the WordPress plugin G Auto-Hyperlink (versions up to 1.0.1). The vulnerability arises from insufficient sanitization/escaping of the id GET parameter, which is interpolated into a SQL statement used to fetch data for the admin dashboard. This yields an authentic...

CVSS 7.2, AI score 7.1, EPSS 0.25395
Exploits: 2, References: 2, Affected Software: 1
OpenVAS (added 2021/11/03 12:00 a.m., 23 views)

WordPress WP Fastest Cache Plugin < 0.9.5 Multiple Vulnerabilities

The WordPress plugin Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can redistribute it and/or modify it...

CVSS 8.8, AI score 6.9, EPSS 0.00595
Exploits: 2, References: 2
CVE (added 2021/10/01 1:53 p.m., 71 views)

CVE-2021-41648

CVE-2021-41648 affects the PuneethReddyHC Online Shopping System Advanced. An unauthenticated SQL injection exists in the /action.php prId parameter, with input not sanitized for POST requests, allowing an attacker to craft SQL queries against the underlying MySQL database. Connected sources (nuc...

CVSS 7.5, AI score 8.1, EPSS 0.75422
Exploits: 4, References: 5, Affected Software: 1
Cvelist (added 2021/09/20 10:06 a.m., 11 views)

CVE-2021-24400 Display users <= 2.0.0 - Authenticated SQL Injection

The Edit Role functionality in the Display Users WordPress plugin through 2.0.0 had an id parameter which is not sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection...

AI score 7.5, EPSS 0.00567
Exploits: 2, References: 2
Cvelist (added 2021/09/20 10:06 a.m., 9 views)

CVE-2021-24398 Responsive 3D Slider <= 1.2 - Authenticated SQL Injection

The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection. This is a time-based SQLi, and in the same function the vulnerable parameter is...

AI score 7.5, EPSS 0.0062
Exploits: 2, References: 2
OSV (added 2021/09/13 6:15 p.m., 0 views)

CVE-2021-24728

The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in a SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages...

CVSS 8.8, AI score 5.8
Exploits: 0, References: 3
OSV (added 2021/09/13 6:15 p.m., 0 views)

CVE-2021-24726

The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action before using it in a SQL statement, leading to an authenticated SQL injection issue...

CVSS 8.8, AI score 7.3
Exploits: 0, References: 2
Cvelist (added 2021/09/13 5:56 p.m., 13 views)

CVE-2021-24727 Block and Stop Bad Bots < 6.60 - Authenticated SQL Injections

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameters in some of its admin dashboard pages, leading to Authenticated SQL Injections...

AI score 9.1, EPSS 0.01111
Exploits: 2, References: 3
wpexploit (added 2021/08/22 12:00 a.m., 140 views)

Create WooCommerce Product Feeds For 40+ Merchants < 3.3.1.0 - Authenticated SQL Injection

The fetchproductajax functionality in the plugin uses a productid POST parameter which is not properly sanitised, escaped or validated before being inserted into a SQL statement, leading to SQL injection. POST /wp-admin/admin-ajax.php HTTP/1.1 Content-Length: 162 Accept: */* X-Requested-With: XMLHttpReque...

CVSS 6.5, AI score 0.6, EPSS 0.00567
Exploits: 2, References: 1
Exploit DB (added 2021/08/19 12:00 a.m., 324 views)

Charity Management System CMS 1.0 - Multiple Vulnerabilities

Exploit Title: Charity Management System CMS 1.0 - Multiple Vulnerabilities. Date: 18/08/2021. Exploit Author: Davide 't0rt3ll1n0' Taraschi. Vendor Homepage: https://www.sourcecodester.com/users/tips23. Software Link:...

AI score 7.4
Exploits: 0
Cvelist (added 2021/08/09 10:04 a.m., 11 views)

CVE-2021-24521 Side Menu Lite < 2.2.1 - Authenticated SQL Injection

The Side Menu Lite – add sticky fixed buttons WordPress plugin before 2.2.1 does not properly sanitize input values from the browser when building an SQL statement. Users with the administrator role or permission to manage this plugin could perform an SQL Injection attack...

AI score 7.6, EPSS 0.00776
Exploits: 2, References: 2
wpexploit (added 2021/08/06 12:00 a.m., 283 views)

Paid Member Subscriptions < 2.4.2 - Authenticated SQL Injection

The plugin did not sanitise, validate or escape its order and orderby parameters before using them in a SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages. http://www.example.com/wp-admin/admin.php?page=pms-members-page&orderby=userid&order=asc,select from...

CVSS 8.8, AI score 1.7, EPSS 0.01539
Exploits: 2, References: 2
WPVulnDB (added 2021/07/27 12:00 a.m., 16 views)

Side Menu Lite < 2.2.6 - Authenticated SQL Injection

The plugin does not sanitise user input from the List page in the admin dashboard before using it in a SQL statement, leading to an SQL Injection issue. PoC: POST /wp-admin/admin.php?page=side-menu-lite=list HTTP/1.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8...

CVSS 6.5, AI score 1, EPSS 0.00532
Exploits: 2, References: 1, Affected Software: 1