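CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) — Vulnerability Class 8873

8873 vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')). AI Chinese analysis included.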

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2025-24683 | WordPress RSVP and Event Management Plugin <= 2.7.14 - SQL Injection vulnerability — RSVP and Event Management | 7.6 | High | 2025-01-24 |
| CVE-2025-24669 | WordPress SERPed.net Plugin <= 4.4 - SQL Injection vulnerability — SERPed.net | 8.5 | High | 2025-01-24 |
| CVE-2025-24672 | WordPress Form Builder CP Plugin <= 1.2.41 - SQL Injection vulnerability — Form Builder CP | 8.5 | High | 2025-01-24 |
| CVE-2025-24659 | WordPress Premium Packages – Sell Digital Products Securely plugin <= 5.9.6 - SQL Injection vulnerability — WPDM – Premium Packages | 7.6 | High | 2025-01-24 |
| CVE-2025-24663 | WordPress Simple Download Monitor plugin <= 3.9.25 - SQL Injection vulnerability — Simple Download Monitor | 7.6 | High | 2025-01-24 |
| CVE-2025-0701 | JoeyBling bootplus list sql injection — bootplus | 6.3 | Medium | 2025-01-24 |
| CVE-2025-0700 | JoeyBling bootplus list sql injection — bootplus | 6.3 | Medium | 2025-01-24 |
| CVE-2025-0699 | JoeyBling bootplus list sql injection — bootplus | 6.3 | Medium | 2025-01-24 |
| CVE-2025-0698 | JoeyBling bootplus list sql injection — bootplus | 6.3 | Medium | 2025-01-24 |
| CVE-2024-13594 | Simple Downloads List <= 1.4.2 - Authenticated (Contributor+) SQL Injection — Simple Downloads List | 6.5 | Medium | 2025-01-24 |
| CVE-2024-13680 | Form Builder CP <= 1.2.41 - Authenticated (Contributor+) SQL Injection — Form Builder CP | 6.5 | Medium | 2025-01-24 |
| CVE-2024-13236 | Tainacan <= 0.21.12 - Authenticated (Subscriber+) SQL Injection — Tainacan | 6.5 | Medium | 2025-01-23 |
| CVE-2024-13234 | Product Table by WBW <= 2.1.2 - Unuthenticated SQL Injection — Product Table for WooCommerce by WBW | 7.5 | High | 2025-01-23 |
| CVE-2025-23931 | WordPress WordPress Local SEO plugin <= 2.3 - SQL Injection vulnerability — WordPress Local SEO | 9.3 | Critical | 2025-01-22 |
| CVE-2025-23910 | WordPress Menus Plus+ Plugin <= 1.9.6 - SQL Injection vulnerability — Menus Plus+ | 8.5 | High | 2025-01-22 |
| CVE-2025-23784 | WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability — Contact Form 7 Round Robin Lead Distribution | 7.6 | High | 2025-01-22 |
| CVE-2024-13496 | GamiPress <= 7.3.1 - Unauthenticated SQL Injection via orderby Parameter — GamiPress – Gamification plugin to reward points, achievements, badges & ranks in WordPress | 7.5 | High | 2025-01-22 |
| CVE-2024-13426 | WP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site Scripting — WP-Polls | 5.4 | Medium | 2025-01-22 |
| CVE-2025-22716 | WordPress Taskbuilder Plugin <= 3.0.6 - SQL Injection vulnerability — Taskbuilder | 8.5 | High | 2025-01-21 |
| CVE-2025-22710 | WordPress Smart Manager Plugin <= 8.52.0 - SQL Injection vulnerability — Smart Manager | 7.6 | High | 2025-01-21 |
| CVE-2025-22553 | WordPress Multiple Carousel Plugin <= 2.0 - SQL Injection vulnerability — Multiple Carousel | 9.3 | Critical | 2025-01-21 |
| CVE-2024-51818 | WordPress Fancy Product Designer plugin <= 6.4.3 - Unauthenticated SQL Injection vulnerability — Fancy Product Designer | 9.3 | Critical | 2025-01-21 |
| CVE-2024-49666 | WordPress ARPrice plugin <= 4.1.3 - SQL Injection vulnerability — ARPrice | 8.5 | High | 2025-01-21 |
| CVE-2024-49333 | WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability — Hero Mega Menu - Responsive WordPress Menu Plugin | 8.5 | High | 2025-01-21 |
| CVE-2024-49303 | WordPress Hero Menu plugin <= 1.16.5 - SQL Injection vulnerability — Hero Mega Menu - Responsive WordPress Menu Plugin | 8.5 | High | 2025-01-21 |
| CVE-2024-49655 | WordPress ARPrice plugin <= 4.1.3 - Unauthenticated SQL Injection vulnerability — ARPrice | 9.3 | Critical | 2025-01-21 |
| CVE-2024-13230 | Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.14 - Unauthenticated Limited SQL Injection via 'SuperSocializerKey' — Social Share, Social Login and Social Comments Plugin – Super Socializer | 5.3 | Medium | 2025-01-21 |
| CVE-2025-23220 | WeGIA has a SQL Injection endpoint 'adicionar_raca.php' parameter 'raca' — WeGIA | 9.1 | - | 2025-01-20 |
| CVE-2025-23219 | WeGIA has a SQL Injection endpoint 'adicionar_cor.php' parameter 'cor' — WeGIA | 9.1 | - | 2025-01-20 |
| CVE-2025-23218 | WeGIA has a SQL Injection endpoint 'adicionar_especie.php' parameter 'especie' — WeGIA | 7.5 | - | 2025-01-20 |

Vulnerabilities classified as CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')) represent 8873 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.