The 'Project Manager' WordPress Plugin is affected by an authenticated SQL injection vulnerability in the 'orderby' parameter in the '/pm/v2/activites' route.
The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in
The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to SQL Injection via the 'project_id' parameter of the /wp
The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby' parameter in all versions up to, and including, 4.9.9.8 due to insufficient escaping on the user suppli
The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 2.1.11 due to insufficient escaping on the user sup
The WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including
The Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links plugin for WordPress is vulnerable to SQL Injection via the 'orderBy' parameter in all versions up to, and including,
The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 7.0.3 due t
The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' and 'sort_by' parameters in all versions up to, an
The WP Data Access – App, Table, Form and Chart Builder plugin plugin for WordPress is vulnerable to SQL Injection via the 'order[user_login][dir]' parameter in all versions up to, and including, 5.5.
The onOffice for WP-Websites plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 6.5.1 due to insufficient escaping on the user supplied
The ProjectList plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and including, 0.3.0 due to insufficient escaping on the user supplied para
The Project Management, Team Collaboration, Kanban Board, Gantt Charts, Task Manager and More – WP Project Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘completed_at_
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in the action nf_load_form_entries in all versions up to, and inclu
The coreActivity: Activity Logging for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'order' and 'orderby' parameters in all versions up to, and including, 2.7 due to insuffici
The WPNakama plugin for WordPress is vulnerable to time-based SQL Injection via the 'order_by' parameter in all versions up to, and including, 0.6.3 due to insufficient escaping on the user supplied p
The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 2.0.15 due to insufficient escaping on the u
The Accredible Certificates & Open Badges plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.4.9 due to insufficient esc
The WP-Members Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'order_by' attribute of the [wpmem_user_membership_posts] shortcode in all versions up to, and including, 3
The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up t
Page 1+ Next →