CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection...

7.2CVSS7.4AI score0.00567EPSS

Exploits2References1

CNVD•added 2021/12/18 12:0 a.m.•18 views

WordPress Quotes Collection plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the erection of personal blog sites on PHP and MySQL servers. Quotes Collection Plugin is a WordPress open source application plugin. WordPress Quotes Collection Plugin has a S...

7.2CVSS3AI score0.00567EPSS

Exploits2References1

OSV•added 2021/12/13 11:15 a.m.•0 views

CVE-2021-24861

The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection...

7.2CVSS7.1AI score0.00567EPSS

Exploits2References1

NVD•added 2021/12/13 11:15 a.m.•14 views

CVE-2021-24861

The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection...

7.2CVSS0.00567EPSS

Exploits2References1

Cvelist•added 2021/12/13 10:41 a.m.•12 views

CVE-2021-24861 Quotes Collection <= 2.5.2 - Admin+ SQL Injection

The Quotes Collection WordPress plugin through 2.5.2 does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection...

7.5AI score0.00567EPSS

Exploits2References1

CVE•added 2021/12/13 10:41 a.m.•34 views

CVE-2021-24861

CVE-2021-24861 affects WordPress Quotes Collection plugin (versions

7.2CVSS7.2AI score0.00567EPSS

Exploits2References1Affected Software1

CNNVD•added 2021/12/13 12:0 a.m.•1 views

WordPress和WordPress 插件 SQL注入漏洞

7.2CVSS6.2AI score0.00567EPSS

Exploits2References2

wpexploit•added 2021/11/15 12:0 a.m.•177 views

Quotes Collection <= 2.5.2 - Admin+ SQL Injection

The plugin does not validate and escape the bulkcheck parameter before using it in a SQL statement, leading to a SQL injection https://example.com/wp-admin/admin.php?page=quotes-collection&s=&wpnonce=6e21e0a8b6&action=makepublic&paged=1&bulkcheck=1%20and%20sleep10--%20-&action2=makepublic...

7.2CVSS7.2AI score0.00567EPSS

Exploits2

Patchstack•added 2021/11/15 12:0 a.m.•18 views

WordPress Quotes Collection plugin <= 2.5.2 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by JrXnm in WordPress Quotes Collection plugin versions = 2.5.2. Solution Deactivate and delete. This plugin has been closed as of October 13, 2021 and is not available for download. This closure is temporary, pending a full review...

7.2CVSS3.6AI score0.00567EPSS

Exploits2References3Affected Software1

CNVD•added 2019/09/17 12:0 a.m.•1 views

WordPress quotes-collection plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress quotes-collection plugin versions prior to 2.0.6. The...

6.1CVSS6.3AI score0.00243EPSS

Exploits1References1

NVD•added 2019/09/13 1:15 p.m.•6 views

CVE-2016-10952

The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter...

6.1CVSS6.1AI score0.00243EPSS

Exploits1References3

OSV•added 2019/09/13 1:15 p.m.•2 views

CVE-2016-10952

The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter...

6.1CVSS5.8AI score0.00243EPSS

Exploits1References3

Prion•added 2019/09/13 1:15 p.m.•8 views

Design/Logic Flaw

The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter...

4.3CVSS6.1AI score0.00243EPSS

Exploits1References3Affected Software1

Cvelist•added 2019/09/13 12:13 p.m.•11 views

CVE-2016-10952

The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter...

6.1AI score0.00243EPSS

Exploits1References3

CVE•added 2019/09/13 12:13 p.m.•147 views

CVE-2016-10952

The CVE relates to the WordPress Quotes Collection plugin (versions before 2.0.6). Multiple sources in connected documents confirm a Cross-Site Scripting (XSS) vulnerability exposed via the wp-admin/admin.php?page=quotes-collection parameter. This indicates a reflected XSS condition where user-su...

6.1CVSS6AI score0.00243EPSS

Exploits1References3Affected Software1

0day.today•added 2016/11/09 12:0 a.m.•29 views

WordPress Quotes Collection 2.0.5 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

7.1AI score

Exploits0

Packet Storm•added 2016/11/08 12:0 a.m.•38 views

WordPress Quotes Collection 2.0.5 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin ------------------------------------------------------------------------ Yorick Koster, July 2016...

0.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by