WordPress Plugin Vulnerabilities

Level Four Storefront - levelfourstorefront/getsortmanufacturers.php id Parameter SQL Injection

Description

The levelfourstorefront WordPress plugin was affected by a levelfourstorefront/getsortmanufacturers.php id Parameter SQL Injection security vulnerability.

Affects Plugins

Plugin icon
levelfourstorefront
No known fix

References

URL
https://packetstormsecurity.com/files/#120950/

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
61729569-fc94-470c-b11c-cfe18fe6898b

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2014-08-01
Title
WP DS FAQ Plus - Unspecified SQL Injection
Published
2015-01-15
Title
Feedweb 2.4.1-3.0.6 - SQL Injection
Published
2025-07-07
Title
Torod <= 1.9 - Unauthenticated SQL Injection
Published
2025-04-04
Title
teachPress < 9.0.12 - Authenticated (Contributor+) SQL Injection
Published
2026-03-23
Title
WP Job Portal < 2.4.9 - Unauthenticated SQL Injection via 'radius' Parameter