CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1751 CVE-2021-24521 89 Sql 2021-08-09 2021-08-17
6.5
None Remote Low ??? Partial Partial Partial
The Side Menu Lite – add sticky fixed buttons WordPress plugin before 2.2.1 does not properly sanitize input values from the browser when building an SQL statement. Users with the administrator role or permission to manage this plugin could perform an SQL Injection attack.
1752 CVE-2021-24520 89 Sql 2021-08-09 2021-08-16
6.5
None Remote Low ??? Partial Partial Partial
The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability.
1753 CVE-2021-24511 89 Sql 2021-09-20 2021-09-29
6.5
None Remote Low ??? Partial Partial Partial
The fetch_product_ajax functionality in the Product Feed on WooCommerce WordPress plugin before 3.3.1.0 uses a `product_id` POST parameter which is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1754 CVE-2021-24506 89 Sql 2021-08-23 2021-08-26
6.5
None Remote Low ??? Partial Partial Partial
The Slider Hero with Animation, Video Background & Intro Maker WordPress plugin before 8.2.7 does not sanitise or escape the id attribute of its hero-button shortcode before using it in a SQL statement, allowing users with a role as low as Contributor to perform SQL injection.
1755 CVE-2021-24497 89 Exec Code Sql 2021-08-23 2021-08-30
6.5
None Remote Low ??? Partial Partial Partial
The Giveaway WordPress plugin through 1.2.2 is vulnerable to an SQL Injection issue which allows an administrative user to execute arbitrary SQL commands via the $post_id on the options.php page.
1756 CVE-2021-24492 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtst_previewShortcodeInstanceId POST parameter before using it in a SQL statement, leading to an SQL Injection issue.
1757 CVE-2021-24491 352 CSRF 2021-09-13 2021-09-23
6.8
None Remote Medium Not required Partial Partial Partial
The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files. As a result, attackers could make a logged in administrator delete and upload arbitrary files via a CSRF attack
1758 CVE-2021-24490 352 CSRF 2021-09-13 2021-09-23
6.0
None Remote Medium ??? Partial Partial Partial
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well. However, due to the presence of a .htaccess, denying access to everything in the folder the file is uploaded to, the malicious uploaded file will only be accessible on Web Servers such as Nginx/IIS
1759 CVE-2021-24487 352 XSS CSRF 2021-10-25 2021-10-28
6.8
None Remote Medium Not required Partial Partial Partial
The St-Daily-Tip WordPress plugin through 4.7 does not have any CSRF check in place when saving its 'Default Text to Display if no tips' setting, and was also lacking sanitisation as well as escaping before outputting it the page. This could allow attacker to make logged in administrators set a malicious payload in it, leading to a Stored Cross-Site Scripting issue
1760 CVE-2021-24484 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1761 CVE-2021-24483 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1762 CVE-2021-24463 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_sliders() function in the Image Slider by Ays- Responsive Slider and Carousel WordPress plugin before 2.5.0 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1763 CVE-2021-24462 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_gallery_categories() and get_galleries() functions in the Photo Gallery by Ays – Responsive Image Gallery WordPress plugin before 4.4.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1764 CVE-2021-24461 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_faqs() function in the FAQ Builder AYS WordPress plugin before 1.3.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1765 CVE-2021-24460 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_fb_likeboxes() function in the Popup Like box – Page Plugin WordPress plugin before 3.5.3 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1766 CVE-2021-24459 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_results() and get_items() functions in the Survey Maker WordPress plugin before 1.5.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1767 CVE-2021-24458 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_ays_popupboxes() and get_popup_categories() functions of the Popup box WordPress plugin before 2.3.4 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1768 CVE-2021-24457 89 Sql 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The get_portfolios() and get_portfolio_attributes() functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Portfolio Responsive Gallery WordPress plugin before 1.1.8 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
1769 CVE-2021-24456 89 Sql 2021-08-02 2021-08-09
6.5
None Remote Low ??? Partial Partial Partial
The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard
1770 CVE-2021-24451 89 Sql 2021-07-06 2021-07-09
6.5
None Remote Low ??? Partial Partial Partial
The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to an authenticated SQL Injection.
1771 CVE-2021-24441 1236 2021-07-12 2021-07-15
6.0
None Remote Medium ??? Partial Partial Partial
The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitise or validate the Sheet title when generating the CSV to export, which could lead to a CSV injection issue
1772 CVE-2021-24430 94 2021-08-02 2021-08-10
6.5
None Remote Low ??? Partial Partial Partial
The Speed Booster Pack âš¡ PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE
1773 CVE-2021-24404 89 Sql 2021-09-20 2021-09-28
6.5
None Remote Low ??? Partial Partial Partial
The options.php file of the WP-Board WordPress plugin through 1.1 beta accepts a postid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is passed twice so if we pass time as 5 seconds it takes 10 seconds to return since the query ran twice.
1774 CVE-2021-24403 89 Sql 2021-09-20 2021-09-29
6.5
None Remote Low ??? Partial Partial Partial
The Orders functionality in the WordPress Page Contact plugin through 1.0 has an order_id parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors
1775 CVE-2021-24402 89 Sql 2021-09-20 2021-09-29
6.5
None Remote Low ??? Partial Partial Partial
The Orders functionality in the WP iCommerce WordPress plugin through 1.1.1 has an `order_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. The feature is available to low privilege users such as contributors
1776 CVE-2021-24401 89 Sql 2021-09-20 2021-09-29
6.5
None Remote Low ??? Partial Partial Partial
The Edit domain functionality in the WP Domain Redirect WordPress plugin through 1.0 has an `editid` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1777 CVE-2021-24400 89 Sql 2021-09-20 2021-10-18
6.5
None Remote Low ??? Partial Partial Partial
The Edit Role functionality in the Display Users WordPress plugin through 2.0.0 had an `id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1778 CVE-2021-24399 89 Sql 2021-09-20 2021-09-28
6.5
None Remote Low ??? Partial Partial Partial
The check_order function of The Sorter WordPress plugin through 1.0 uses an `area_id` parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1779 CVE-2021-24398 89 Sql 2021-09-20 2021-09-29
6.5
None Remote Low ??? Partial Partial Partial
The Add new scene functionality in the Responsive 3D Slider WordPress plugin through 1.2 uses an id parameter which is not sanitised, escaped or validated before being inserted to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is passed twice so if we pass time as 5 seconds it takes 10 seconds to return since the query is ran twice.
1780 CVE-2021-24397 89 Sql 2021-09-20 2021-09-29
6.5
None Remote Low ??? Partial Partial Partial
The edit functionality in the MicroCopy WordPress plugin through 1.1.0 makes a get request to fetch the related option. The id parameter used is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1781 CVE-2021-24396 89 Sql 2021-09-20 2021-09-28
6.5
None Remote Low ??? Partial Partial Partial
A pageid GET parameter of the GSEOR – WordPress SEO Plugin WordPress plugin through 1.3 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1782 CVE-2021-24395 89 Sql 2021-09-06 2021-09-09
6.5
None Remote Low ??? Partial Partial Partial
The editid GET parameter of the Embed Youtube Video WordPress plugin through 1.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1783 CVE-2021-24394 89 Sql 2021-09-06 2021-09-09
6.5
None Remote Low ??? Partial Partial Partial
An id GET parameter of the Easy Testimonial Manager WordPress plugin through 1.2.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection
1784 CVE-2021-24393 89 Sql 2021-09-06 2021-09-09
6.5
None Remote Low ??? Partial Partial Partial
A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1785 CVE-2021-24392 89 Sql 2021-09-06 2021-09-09
6.5
None Remote Low ??? Partial Partial Partial
An id GET parameter of the WordPress Membership SwiftCloud.io WordPress plugin through 1.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1786 CVE-2021-24391 89 Sql 2021-09-06 2021-09-09
6.5
None Remote Low ??? Partial Partial Partial
An editid GET parameter of the Cashtomer WordPress plugin through 1.0.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection.
1787 CVE-2021-24390 89 Sql 2021-09-06 2021-09-09
6.5
None Remote Low ??? Partial Partial Partial
A proid GET parameter of the WordPress支付�Alipay|财付通Tenpay|��PayPal集��件 WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection.
1788 CVE-2021-24377 362 Bypass 2021-06-21 2021-09-20
6.8
None Remote Medium Not required Partial Partial Partial
The Autoptimize WordPress plugin before 2.7.8 attempts to remove potential malicious files from the extracted archive uploaded via the 'Import Settings' feature, however this is not sufficient to protect against RCE as a race condition can be achieved in between the moment the file is extracted on the disk but not yet removed. It is a bypass of CVE-2020-24948.
1789 CVE-2021-24356 284 2021-06-14 2021-06-21
6.5
None Remote Low ??? Partial Partial Partial
In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activate_plugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites.
1790 CVE-2021-24354 269 2021-06-14 2021-09-20
6.5
None Remote Low ??? Partial Partial Partial
A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.
1791 CVE-2021-24353 284 2021-06-14 2021-06-21
6.8
None Remote Medium Not required Partial Partial Partial
The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects.
1792 CVE-2021-24352 284 2021-06-14 2021-06-21
6.8
None Remote Medium Not required Partial Partial Partial
The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects.
1793 CVE-2021-24348 89 Sql 2021-06-14 2021-06-21
6.5
None Remote Low ??? Partial Partial Partial
The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue
1794 CVE-2021-24347 94 2021-06-14 2021-09-20
6.5
None Remote Low ??? Partial Partial Partial
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from "php" to "pHP".
1795 CVE-2021-24345 89 Sql 2021-06-14 2021-06-21
6.0
None Remote Medium ??? Partial Partial Partial
The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection.
1796 CVE-2021-24341 89 Sql 2021-06-14 2021-06-23
6.5
None Remote Low ??? Partial Partial Partial
When deleting a date in the Xllentech English Islamic Calendar WordPress plugin before 2.6.8, the year_number and month_number POST parameters are not sanitised, escaped or validated before being used in a SQL statement, leading to SQL injection.
1797 CVE-2021-24337 89 Sql 2021-06-07 2021-07-15
6.5
None Remote Low ??? Partial Partial Partial
The id GET parameter of one of the Video Embed WordPress plugin through 1.0's page (available via forced browsing) is not sanitised, validated or escaped before being used in a SQL statement, allowing low privilege users, such as subscribers, to perform SQL injection.
1798 CVE-2021-24336 89 Sql 2021-06-07 2021-06-14
6.5
None Remote Low ??? Partial Partial Partial
The FlightLog WordPress plugin through 3.0.2 does not sanitise, validate or escape various POST parameters before using them a SQL statement, leading to SQL injections exploitable by editor and administrator users
1799 CVE-2021-24312 94 2021-06-01 2021-06-11
6.5
None Remote Low ??? Partial Partial Partial
The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_page_text, $cache_scheduled_time, $cached_direct_pages used in the settings of WP Super Cache WordPress plugin before 1.7.3 result in RCE because they allow input of '$' and '\n'. This is due to an incomplete fix of CVE-2021-24209.
1800 CVE-2021-24311 434 2021-06-01 2021-06-22
6.5
None Remote Low ??? Partial Partial Partial
The wp_ajax_upload-remote-file AJAX action of the External Media WordPress plugin before 1.0.34 was vulnerable to arbitrary file uploads via any authenticated users.
Total number of vulnerabilities : 23854   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 (This Page)37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.