Total
14628 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-9448 | 1 Pressified | 1 Sendpress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter. | |||||
| CVE-2015-9446 | 1 Unitegallery | 1 Unite Gallery Lite | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php. | |||||
| CVE-2015-9400 | 1 Typomedia | 1 Wordpress Meta Robots | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection. | |||||
| CVE-2015-9399 | 1 Trivetechnology | 1 Wp-stats-dashboard | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection. | |||||
| CVE-2015-9398 | 1 Webmaster-source | 1 Gocodes | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection. | |||||
| CVE-2015-9395 | 1 Usersultra | 1 Users Ultra Membership | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action. | |||||
| CVE-2015-9353 | 1 Tri | 1 Gigpress | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066. | |||||
| CVE-2015-9352 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-polls plugin before 2.72 for WordPress has SQL injection. | |||||
| CVE-2015-9344 | 1 Perafox | 1 Link Log | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The link-log plugin before 2.1 for WordPress has SQL injection. | |||||
| CVE-2015-9335 | 1 Bestwebsoft | 1 Limit Attempts | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling. | |||||
| CVE-2015-9334 | 1 Email-newsletter Project | 1 Email-newsletter | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The email-newsletter plugin through 20.15 for WordPress has SQL injection. | |||||
| CVE-2015-9333 | 1 Cformsii Project | 1 Cformsii | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The cforms2 plugin before 14.6.10 for WordPress has SQL injection. | |||||
| CVE-2015-9330 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection. | |||||
| CVE-2015-9326 | 1 Wpbusinessintelligence | 1 Wp Business Intelligence | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection. | |||||
| CVE-2015-9325 | 1 Bestwebsoft | 1 Visitors Online | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The visitors-online plugin before 0.4 for WordPress has SQL injection. | |||||
| CVE-2015-9323 | 1 Duckdev | 1 404 To 301 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection. | |||||
| CVE-2015-9316 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.php?action=wpfc_wppolls_ajax_request via the poll_id parameter. | |||||
| CVE-2015-9315 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newstatpress plugin before 1.0.1 for WordPress has SQL injection. | |||||
| CVE-2015-9313 | 1 Newstatpress Project | 1 Newstatpress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element. | |||||
| CVE-2015-9310 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues. | |||||