7 matches found
SQL Injection
WordPress Zero Spam plugin is vulnerable to SQL Injection. The vulnerability is due to insufficient sanitization and escaping of the order and orderby parameters before they are used in SQL queries in the admin dashboard, allowing attackers to inject malicious SQL statements and manipulate databa...
WordPress Zero Spam Plugin <= 5.4.4 is vulnerable to SQL Injection
Software: Zero Spam
Type: Plugin
Vulnerable versions: <= 5.4.4
Fixed in: 5.4.5
OWASP Top 10: A1: Injection
Classification: SQL Injection
CVE: CVE-2023-32121
Patch priority: Low
CVSS severity: Low 7.6
Developer: Highfivery
PSID: e207350207ef
Credits: OZ1NG TOOR, LISA
Required privilege: Administrator
Published: ...
CVE-2022-0254
The WordPress Zero Spam WordPress plugin before 5.2.11 does not properly sanitise and escape the order and orderby parameters before using them in a SQL statement in the admin dashboard, leading to a SQL injection...
SQL injection
The WordPress Zero Spam WordPress plugin before 5.2.11 does not properly sanitise and escape the order and orderby parameters before using them in a SQL statement in the admin dashboard, leading to a SQL injection...
WordPress plugin SQL injection vulnerability
WordPress is a blogging platform from the WordPress Foundation, developed in PHP. WordPress Zero Spam is an open source plugin for WordPress. A SQL injection vulnerability exists in versions of the WordPress Zero Spam plugin prior to 5.2.11. The vulnerability stems from t...
WordPress Zero Spam <= 2.1.1 - unauthorized blind
No description provided by source...
WordPress Zero Spam <= 2.1.1 - Unauthenticated Blind SQL Injection
The WordPress Zero Spam WordPress plugin was affected by an Unauthenticated Blind SQL Injection security vulnerability. PoC HTTP request header: Client-IP: '+select0fromselectsleep10v+'...