WordPress Plugin Vulnerabilities

SP Client Document Manager < 2.4.4 - Multiple SQL Injection

Description

The SP Project & Document Manager WordPress plugin was affected by a Multiple SQL Injection security vulnerability.

Affects Plugins

Plugin icon
sp-client-document-manager
Fixed in 2.4.4

References

CVE
CVE-2014-9178
Exploitdb
35313
URL
https://packetstormsecurity.com/files/#129212/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/98897

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
888c3924-89cc-4760-ac56-f269035dcae0

Timeline

Publicly Published
2014-12-02 (about 11 years ago)
Added
2014-12-02 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2026-02-27
Title
Tutor LMS < 3.9.7 - Unauthenticated SQL Injection via coupon_code
Published
2014-09-19
Title
YAWPP < 1.2.2 - SQL Injection
Published
2024-02-26
Title
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor < 2.8.3 - Unauthenticated SQL Injection
Published
2014-08-01
Title
Wordpress 2.2 - XML-RPC SQL Injection
Published
2022-01-06
Title
WordPress < 5.8.3 - SQL Injection via WP_Query