Total
16323 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-11000 | 1 Smackcoders | 1 Ultimate Exporter | 2024-11-21 | 9.8 Critical |
| The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter. | ||||
| CVE-2016-10951 | 1 Firestormplugins | 1 Fs-shopping-cart | 2024-11-21 | 7.2 High |
| The fs-shopping-cart plugin 2.07.02 for WordPress has SQL injection via the pid parameter. | ||||
| CVE-2016-10950 | 1 Sirv | 1 Sirv | 2024-11-21 | 8.8 High |
| The sirv plugin before 1.3.2 for WordPress has SQL injection via the id parameter. | ||||
| CVE-2016-10949 | 1 Relevanssi | 1 Relevanssi | 2024-11-21 | 8.8 High |
| The Relevanssi Premium plugin before 1.14.6.1 for WordPress has SQL injection with resultant unsafe unserialization. | ||||
| CVE-2016-10947 | 1 Post Indexer Project | 1 Post Indexer | 2024-11-21 | 7.2 High |
| The Post Indexer plugin before 3.0.6.2 for WordPress has SQL injection via the period parameter by a super admin. | ||||
| CVE-2016-10943 | 1 Zx-csv-upload Project | 1 Zx-csv-upload | 2024-11-21 | 7.2 High |
| The zx-csv-upload plugin 1 for WordPress has SQL injection via the id parameter. | ||||
| CVE-2016-10942 | 1 Podlove | 1 Podlove Podcast Publisher | 2024-11-21 | 9.8 Critical |
| The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF. | ||||
| CVE-2016-10940 | 1 Zm-gallery Project | 1 Zm-gallery | 2024-11-21 | 7.2 High |
| The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter. | ||||
| CVE-2016-10939 | 1 Xtremelocator | 1 Xtremelocator | 2024-11-21 | 7.2 High |
| The xtremelocator plugin 1.5 for WordPress has SQL injection via the id parameter. | ||||
| CVE-2016-10921 | 1 Ays-pro | 1 Photo Gallery | 2024-11-21 | N/A |
| The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection. | ||||
| CVE-2016-10917 | 1 Search Everything Project | 1 Search Everything | 2024-11-21 | N/A |
| The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316. | ||||
| CVE-2016-10916 | 1 Codepeople | 1 Appointment Booking Calendar | 2024-11-21 | N/A |
| The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319. | ||||
| CVE-2016-10909 | 1 Codepeople | 1 Booking Calendar Contact Form | 2024-11-21 | N/A |
| The booking-calendar-contact-form plugin before 1.0.24 for WordPress has SQL injection. | ||||
| CVE-2016-10904 | 1 Olimometer Project | 1 Olimometer | 2024-11-21 | N/A |
| The olimometer plugin before 2.57 for WordPress has SQL injection. | ||||
| CVE-2016-10889 | 1 Imagely | 1 Nextgen Gallery | 2024-11-21 | N/A |
| The nextgen-gallery plugin before 2.1.57 for WordPress has SQL injection via a gallery name. | ||||
| CVE-2016-10888 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2024-11-21 | N/A |
| The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues. | ||||
| CVE-2016-10887 | 1 Tipsandtricks-hq | 1 All In One Wp Security \& Firewall | 2024-11-21 | N/A |
| The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues. | ||||
| CVE-2016-10839 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 11.54.0.4 allows SQL injection in bin/horde_update_usernames (SEC-71). | ||||
| CVE-2016-10817 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 57.9999.54 allows SQL Injection via the ModSecurity TailWatch log file (SEC-123). | ||||
| CVE-2016-10755 | 1 Abantecart | 1 Abantecart | 2024-11-21 | N/A |
| AbanteCart 1.2.8 allows SQL Injection via the source_language parameter to admin/controller/pages/localisation/language.php and core/lib/language_manager.php, or via POST data to admin/controller/pages/tool/backup.php and admin/model/tool/backup.php. | ||||