7 matches found
WordPress iATS Online Forms plugin SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress iATS Online Forms plugin, which stems from a temporal SQL injection in the parameter order, which can be exploited by an...
WordPress iATS Online Forms plugin <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter vulnerability
Authenticated Contributor+ SQL Injection via order Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin iATS Online Forms versions = 1.2...
CVE-2025-9441
The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9441 iATS Online Forms <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter
The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9441 iATS Online Forms <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter
The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
WordPress plugin iATS Online Forms SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress iATS Online Forms plugin, which stems from a temporal SQL injection in the parameter order, which can be exploited by an...
PT-2025-35191
Name of the Vulnerable Software and Affected Versions: iATS Online Forms plugin for WordPress versions up to and including 1.2 Description: The iATS Online Forms plugin for WordPress is susceptible to time-based SQL Injection via the order parameter. Insufficient escaping of user-supplied input a...