• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-89

CVE-2021-24863

February 23, 2023 by

The WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots WordPress plugin before 6.67 does not sanitise and escape the User Agent before using it in a SQL statement to save it, leading to a SQL injection

CVE-2021-24864

February 23, 2023 by

The WP Cloudy, weather plugin WordPress plugin before 4.4.9 does not escape the post_id parameter before using it in a SQL statement in the admin dashboard, leading to a SQL Injection issue

CVE-2021-24865

February 23, 2023 by

The Advanced Custom Fields: Extended WordPress plugin before 0.8.8.7 does not validate the order and orderby parameters before using them in a SQL statement, leading to a SQL Injection issue

CVE-2021-24866

February 23, 2023 by

The WP Data Access WordPress plugin before 5.0.0 does not properly sanitise and escape the backup_date parameter before using it a SQL statement, leading to a SQL injection issue and could allow arbitrary table deletion

CVE-2021-24791

February 23, 2023 by

The Header Footer Code Manager WordPress plugin before 1.1.14 does not validate and escape the “orderby” and “order” request parameters before using them in a SQL statement when viewing the Snippets admin dashboard, leading to SQL injections

CVE-2021-24750

February 23, 2023 by

The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 4.8 does not properly sanitise and escape the refUrl in the refDetails AJAX action, available to any authenticated user, which could allow users with a role as low as subscriber to perform SQL injection attacks

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 644
  • Go to page 645
  • Go to page 646
  • Go to page 647
  • Go to page 648
  • Interim pages omitted …
  • Go to page 956
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE