EUVD-2021-11639

Malware in sbrugna...

CVE-2021-24863

The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection...

CVE-2021-24727

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...

WordPress StopBadBots Plugin <= 10.23 is vulnerable to Broken Access Control

Software StopBadBots Type Plugin Vulnerable versions = 10.23 Fixed in 10.24 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-4355 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c1d3c12009e3 Credits Krzysztof Zając Required privilege...

WordPress StopBadBots plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. StopBadBots Plugin is a WordPress open source application plugin. WordPress StopBadBots Plugin in versions prior to...

CVE-2021-24863

The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection...

CVE-2021-24727

The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections...