15 matches found
EUVD-2021-11540
Malware in sbrugna...
CVE-2021-24628
The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection...
WordPress Wow Forms plugin SQL injection vulnerability (CNVD-2021-99632)
WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress Wow Forms plugin in version 3.1.3 and earlier, which stems fr...
CVE-2021-24628
The Wow Forms WordPress plugin through 3.1.3 does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection...
CVE-2021-24628
The CVE concerns WordPress Wow Forms plugin
WordPress SQL注入漏洞
WordPress is a set of blogging platforms developed using the PHP language by the Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress Wow Forms plugin in version 3.1.3 and earlier, which stems fr...
WordPress Wow Forms plugin <= 3.1.3 - SQL Injection (SQLi) vulnerability
SQL Injection SQLi vulnerability discovered by Shreya Pohekar Codevigilant Project in WordPress Wow Forms plugin versions = 3.1.3. Solution Deactivate and delete. This plugin has been closed as of June 18, 2021 and is not available for download. Reason: Security Issue...
Wow Forms <= 3.1.3 - Admin+ SQL Injection
The plugin does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection https://plugins.trac.wordpress.org/browser/mwp-forms/trunk/admin/partials/main.phpL13 As admin,...
Wow Forms <= 3.1.3 - Admin+ SQL Injection
The plugin does not sanitise or escape a 'did' GET parameter before using it in a SQL statement, when deleting a form in the admin dashboard, leading to an authenticated SQL injection PoC https://plugins.trac.wordpress.org/browser/mwp-forms/trunk/admin/partials/main.phpL13 As admin,...
WordPress Wow Forms Plugin SQL Injection Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress Wow Forms plugin, which can be exploited by attackers to access or modi...
WordPress Plugin Wow Forms 2.1 - SQL Injection
WordPress Plugin Wow Forms 2.1 - SQL Injection Exploit Title: Wow Forms v2.1 WordPress Plugin SQL Injection Date: 29/03/2017 Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-forms/ Version: 2.1 Contact: infoattad.group Website:...
WordPress Wow Forms plugin <= 2.1 - SQL Injection
The POST parameter wowformid is vulnerable to SQL injection. This parameter is not escaped properly. Solution Update the plugin...
WordPress Wow Forms 2.1 Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wow Forms v2.1 WordPress Plugin SQL Injection Date: 29/03/2017 Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-forms/ Version: 2.1 Contact: email protected...
WordPress Plugin Wow Forms 2.1 - SQL Injection
Exploit Title: Wow Forms v2.1 WordPress Plugin SQL Injection Date: 29/03/2017 Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-forms/ Version: 2.1 Contact: infoattad.group Website: https://tad.group Category: Web Application...
WordPress Wow Forms v2.1 Plugin SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Wow Forms v2.1 WordPress Plugin SQL Injection Exploit Author: TAD GROUP Vendor Homepage: http://wow-company.com/ Software Link: https://wordpress.org/plugins/mwp-forms/ Version: 2.1 Contact: email protected Website: https://tad....