WordPress Plugin Vulnerabilities

Download - (dl_id) SQL Injection

Description

The wp-download WordPress plugin was affected by a (dl_id) SQL Injection security vulnerability.

Affects Plugins

Plugin icon
wp-download
No known fix

References

Exploitdb
5326

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
d4677e4b-bdf8-448e-ad82-da0c2c214806

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-06-06
Title
Visualizer < 3.11.2 - Authenticated (Subscriber+) SQL Injection
Published
2026-03-23
Title
Form Maker < 1.15.38 - SQL Injection
Published
2026-01-21
Title
Nelio Content < 4.2.1 - Authenticated (Contributor+) SQL Injection
Published
2023-01-23
Title
WP Yelp Review Slider < 7.1 - Subscriber+ SQLi
Published
2023-06-22
Title
Quick Post Duplicator <= 2.0 - Contributor+ SQLi