SQL Injection

johnpbloch/wordpress-core is vulnerable to sql injection. The vulnerability exists due to the lack of sanitization in the WPMetaQuery , allowing an attacker to inject and execute malicious SQL queries to the DB...

WordPress 5.2.x < 5.2.14 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 4.8.x < 4.8.18 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 5.6.x < 5.6.7 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 4.2.x < 4.2.31 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 4.5.x < 4.5.25 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 4.0.x < 4.0.34 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 4.7.x < 4.7.22 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 3.9.x < 3.9.35 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A stored Cross-Site Scripting XSS vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...

WordPress 4.1-5.8.2 - SQL Injection via WP_Meta_Query

Description Due to lack of proper sanitization in WPMetaQuery, there's potential for blind SQL Injection...

WordPress -- Multiple Vulnerabilities

The WordPress project reports: Issue with stored XSS through post slugs Issue with Object injection in some multisite installations SQL injection vulnerability in WPQuery SQL injection vulnerability in WPMetaQuery...