WordPress Plugin Vulnerabilities

Profiles <= 2.0RC1 - SQL Injection

Description

The profiles WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
profiles
No known fix

References

Exploitdb
17739

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
8da775c1-d22f-4764-957a-836bcf200fa8

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-09-30
Title
WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter
Published
2021-08-24
Title
SMTP Mail < 1.2.2 - Authenticated SQL Injections
Published
2024-09-24
Title
The Events Calendar < 6.6.4.1 - Unauthenticated SQL Injection
Published
2020-11-25
Title
WP Google Map Plugin < 4.1.5 - Authenticated SQL Injection
Published
2016-04-06
Title
All In One WP Security And Firewall < 4.0.7 - Multiple SQL Injections