CWE-89
High likelihoodImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
19,735 vulnerabilities with CWE-89
CVE-2023-33927
HIGH
Themeisle Multiple Page Generator Plugin - SQL Injection
CVSS 7.6
CVE-2023-31212
HIGH
CRM Perks Database for Contact Form 7, WPforms, Elementor forms < 1.3.0 - Authenticated SQL Injection
CVSS 8.5
CVE-2023-24410
MEDIUM
Contact Form - WPManageNinja LLC <4.3.25 - SQL Injection
CVSS 5.5
CVE-2023-28777
HIGH
LearnDash LMS <4.5.3 - SQL Injection
CVSS 8.5
CVE-2023-25047
MEDIUM
RSVPMaker < 9.9.3 - SQL Injection
CVSS 5.5
CVE-2023-25045
MEDIUM
RSVPMaker < 9.9.3 - SQL Injection
CVSS 6.7
CVE-2023-24000
HIGH
GamiPress < 2.5.7 - Unauthenticated SQL Injection
CVSS 8.2
CVE-2023-5464
HIGH
gopiplus jquery_accordion_slideshow <= 8.1 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5439
HIGH
Wp photo text slider 50 <= 8.0 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5438
HIGH
WP Image Slideshow <= 12.0 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5437
HIGH
WP fade in text news <= 12.0 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5436
HIGH
Vertical marquee plugin <= 7.1 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5435
HIGH
Up down image slideshow gallery <= 12.0 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5434
HIGH
Superb slideshow gallery < 13.1 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5433
HIGH
Message ticker < 9.2 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5431
HIGH
Left right image slideshow gallery <= 12.0 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5430
HIGH
Jquery news ticker < 3.1 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5429
HIGH
Information Reel <= 10.0 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5428
HIGH
Image vertical reel scroll slideshow < 9.1 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-5412
HIGH
Image horizontal reel scroll slideshow < 13.3 - Authenticated SQL Injection via Shortcode Parameter
CVSS 8.8
CVE-2023-45996
HIGH
Senayan Library Management Systems <9-9.6.1 - SQL Injection
CVSS 8.8
CVE-2023-36263
CRITICAL
Prestashop opartlimitquantity <1.4.5 - SQL Injection
CVSS 9.8
CVE-2023-46356
CRITICAL
Bl Modules for PrestaShop <2.6.1 - SQL Injection
CVSS 9.8
CVE-2023-45378
CRITICAL
PrestaBlog < 4.4.8 - Unauthenticated SQL Injection via ajax slider_positions.php
CVSS 9.8
CVE-2023-27846
CRITICAL
themevolty theme_volty_cms_blog < 4.0.8 - SQL Injection via tvcmsblog Component
CVSS 9.8
Details
Vulnerabilities
19,735
Exploit Likelihood
High