WordPress Plugin Vulnerabilities

ActiveHelper LiveHelp Server 3.2.2 - server/frames.php DEPARTMENT Parameter SQL Injection

Description

The activehelper-livehelp WordPress plugin was affected by a server/frames.php DEPARTMENT Parameter SQL Injection security vulnerability.

Affects Plugins

Plugin icon
activehelper-livehelp
Fixed in 3.4.0

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
9bdff67b-d78a-4d1e-9115-f3bafcc83b7a

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2015-05-15 (about 10 years ago)

Other

Published
Title
Published
2016-01-26
Title
Formidable Forms < 2.0 - Authenticated Blind SQL Injection
Published
2012-01-20
Title
Mingle Forum < 1.0.33 - Multiple SQL Injection
Published
2015-04-01
Title
WP Business Intelligence Lite < 1.6.3 - SQL Injection
Published
2023-12-27
Title
WebinarIgnition < 3.05.1 - Unauthenticated SQL Injection
Published
2014-08-01
Title
Simple Retail Menus 4.0.1 - includes/actions.php targetmenu Parameter SQL Injection