The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'google_map' shortcode in all versions up to, and including, 1.0 due to insufficient es
The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'mj_smgt_show_event_task' AJAX action in all versions up to, and including,
The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable to SQL Injection via the 'order[user_login][dir]' parameter in all versions up to, and including, 5.5.
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to SQL Injection via the 'inputs' parameter in versions up to, and including, 1.15.42 due
The PGS Core plugin for WordPress is vulnerable to SQL Injection via the 'event' parameter in the 'save_header_builder' function in all versions up to, and including, 5.8.0 due to insufficient escapin
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to generic SQL Injection via the 'data' parameter in all versions up to, and including, 3.9.11 due to insufficie
The Bucketlister plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode `category` and `id` attributes in all versions up to, and including, 0.1.5 due to insufficient escaping
The Cost Calculator Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_ids’ parameter in all versions up to, and including, 3.2.67 due to insufficient escaping on th
The Page Expire Popup/Redirection for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' shortcode attribute in all versions up to, and including, 1.0 due to insuffi
The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient
The B1.lt plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 2.2.56 due to insufficient escaping on the user supplied parameter and lack o
WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMap
Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id'
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the id param
The User Registration & Membership plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in version 4.3.0. This is due to insufficient escaping on the user supplied parameter and l
The Code Clone plugin for WordPress is vulnerable to time-based SQL Injection via the ‘snippetId’ parameter in all versions up to, and including, 0.9 due to insufficient escaping on the user supplied
The WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including
The Passwords Manager plugin for WordPress is vulnerable to SQL Injection via the $wpdb->prefix value in several AJAX fuctions in all versions up to, and including, 1.4.8 due to insufficient escaping
The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter an
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'search' parameter in all versions up to, and including, 1.4.6 due to insufficient escaping on the user supplied parame