CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8880

8880 vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-32087	WordPress Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and More plugin <= 3.5.7 - Auth. SQL Injection (SQLi) vulnerability — Product Feed on WooCommerce for Google	7.6	High	2024-04-15
CVE-2024-32098	WordPress Advanced Page Visit Counter plugin <= 8.0.6 - Auth. SQL Injection (SQLi) vulnerability — Advanced Page Visit Counter	7.6	High	2024-04-15
CVE-2024-32125	WordPress BA Book Everything plugin <= 1.6.4 - Auth. SQL Injection vulnerability — BA Book Everything	8.5	High	2024-04-15
CVE-2024-32127	WordPress Find Duplicates plugin <= 1.4.6 - Auth. SQL Injection vulnerability — Find Duplicates	8.5	High	2024-04-15
CVE-2024-32128	WordPress Realtyna Organic IDX plugin + WPL Real Estate plugin <= 4.14.4 - Unauthenticated SQL Injection vulnerability — Realtyna Organic IDX plugin	9.3	Critical	2024-04-15
CVE-2024-32132	WordPress CBX Bookmark & Favorite plugin <= 1.7.20 - SQL Injection vulnerability — CBX Bookmark & Favorite	7.6	High	2024-04-15
CVE-2024-32134	WordPress Forms to Zapier plugin <= 1.1.12 - Auth. SQL Injection vulnerability — Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook	7.6	High	2024-04-15
CVE-2024-32135	WordPress Disable Comments \| WPZest plugin <= 1.51 - SQL Injection vulnerability — Disable Comments \| WPZest	7.6	High	2024-04-15
CVE-2024-32136	WordPress BWL Advanced FAQ Manager plugin <= 2.0.3 - Auth. SQL Injection vulnerability — BWL Advanced FAQ Manager	7.6	High	2024-04-15
CVE-2024-32137	WordPress User Activity Log Pro plugin <= 2.3.4 - Auth. SQL Injection vulnerability — User Activity Log Pro	8.5	High	2024-04-15
CVE-2024-32139	WordPress Podlove Podcast Publisher plugin <= 4.0.12 - SQL Injection vulnerability — Podlove Podcast Publisher	8.5	High	2024-04-15
CVE-2024-3771	PHPGurukul Student Record System edit-subject.php sql injection — Student Record System	6.3	Medium	2024-04-15
CVE-2024-3770	PHPGurukul Student Record System sql injection — Student Record System	6.3	Medium	2024-04-15
CVE-2024-3769	PHPGurukul Student Record System login.php sql injection — Student Record System	7.3	High	2024-04-15
CVE-2024-3768	PHPGurukul/itsourcecode News Portal search.php sql injection — News Portal	6.3	Medium	2024-04-15
CVE-2024-3767	PHPGurukul News Portal edit-post.php sql injection — News Portal	6.3	Medium	2024-04-15
CVE-2024-3720	Tianwell Fire Intelligent Command Platform API Interface page sql injection — Fire Intelligent Command Platform	6.3	Medium	2024-04-13
CVE-2024-3719	Campcodes House Rental Management System ajax.php sql injection — House Rental Management System	6.3	Medium	2024-04-13
CVE-2024-3698	Campcodes House Rental Management System manage_payment.php sql injection — House Rental Management System	6.3	Medium	2024-04-12
CVE-2024-3697	Campcodes House Rental Management System manage_tenant.php sql injection — House Rental Management System	6.3	Medium	2024-04-12
CVE-2024-3696	Campcodes House Rental Management System view_payment.php sql injection — House Rental Management System	6.3	Medium	2024-04-12
CVE-2024-3691	PHPGurukul Small CRM Registration Page sql injection — Small CRM	7.3	High	2024-04-12
CVE-2024-3690	PHPGurukul Small CRM Change Password sql injection — Small CRM	6.3	Medium	2024-04-12
CVE-2024-3688	Xiamen Four-Faith RMP Router Management Platform sql injection — RMP Router Management Platform	6.3	Medium	2024-04-12
CVE-2024-3704	SQL Injection vulnerability in OpenGnsys — OpenGnsys	9.8	Critical	2024-04-12
CVE-2024-3685	DedeCMS stepselect_main.php sql injection — DedeCMS	6.3	Medium	2024-04-12
CVE-2024-3211	Shopping Cart & eCommerce Store <= 5.6.3 - Authenticated (Contributor+) SQL Injection — Shopping Cart & eCommerce Store	8.8	High	2024-04-12
CVE-2024-3621	SourceCodester Kortex Lite Advocate Office Management System register_case.php sql injection — Kortex Lite Advocate Office Management System	4.7	Medium	2024-04-11
CVE-2024-3620	SourceCodester Kortex Lite Advocate Office Management System adds.php sql injection — Kortex Lite Advocate Office Management System	4.7	Medium	2024-04-11
CVE-2024-3619	SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php sql injection — Kortex Lite Advocate Office Management System	4.7	Medium	2024-04-11

Vulnerabilities classified as CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) represent 8880 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-89 (SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) — Vulnerability Class 8880