All In One Wordpress Security And Firewall Security Vulnerabilities and Issues — All In One Wordpress Security And Firewall CVE List

Lucene search

Tips And Tricks HqAll In One Wordpress Security And Firewall

3 matches found

CVE•added 2014/10/02 2:55 p.m.•45 views

CVE-2014-6242

Multiple SQL injection vulnerabilities in the All In One WP Security & Firewall plugin before 3.8.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) orderby or (2) order parameter in the aiowpsec page to wp-admin/admin.php. NOTE: this can be leveraged usi...

6.5CVSS8.3AI score0.05719EPSS

CVE•added 2015/03/07 2:59 a.m.•38 views

CVE-2015-0894

SQL injection vulnerability in the All In One WP Security & Firewall plugin before 3.8.8 for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

6CVSS8.7AI score0.00674EPSS

CVE•added 2015/03/07 2:59 a.m.•31 views

CVE-2015-0895

Cross-site request forgery (CSRF) vulnerability in the All In One WP Security & Firewall plugin before 3.9.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete logs of 404 (aka Not Found) HTTP status codes.

6.8CVSS7.3AI score0.00136EPSS