WordPress Plugin Vulnerabilities

Zotpress < 6.1.3 - SQL Injection

Description

The Zotpress WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
zotpress
Fixed in 6.1.3

References

CVE
CVE-2016-1000217

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
9.8 (critical)

Miscellaneous

Verified
No
WPVDB ID
431f72e0-241e-4f99-8444-5661c049e447

Timeline

Publicly Published
2016-10-06 (about 9 years ago)
Added
2019-08-24 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2014-08-01
Title
WordPress Landing Pages < 1.2.3 - module.utils.php post Parameter SQL Injection
Published
2024-04-11
Title
Shopping Cart & eCommerce Store < 5.6.4 - Contributor+ SQL Injection
Published
2021-06-29
Title
Survey Maker < 1.5.6 - Authenticated Blind SQL Injections
Published
2022-12-05
Title
Contest Gallery < 19.1.5 - Author+ SQL Injection
Published
2025-02-24
Title
Yawave <= 2.9.1 - Unauthenticated SQL Injection