WordPress Plugin Vulnerabilities

Huge IT Slider < 2.7.0 - SQL Injection

Description

The slider-image WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
slider-image
Fixed in 2.7.0

References

CVE
CVE-2015-2062
URL
https://www.immuniweb.com/advisory/HTB23250

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89
CVSS
7.2 (high)

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
e5175059-5700-4483-8cbd-6accee262e44

Timeline

Publicly Published
2015-02-19 (about 11 years ago)
Added
2015-02-26 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2019-05-10
Title
Form Maker by 10Web < 1.13.3 - Authenticated SQL Injection
Published
2025-03-11
Title
Gutentor < 3.4.7 - Admin+ SQL Injection
Published
2014-08-01
Title
AdRotate < 3.6.8 - SQL Injection
Published
2024-03-21
Title
Network Summary <= 2.0.11 - Unauthenticated SQL Injection
Published
2021-04-05
Title
Simple Membership < 4.0.4 - Authenticated SQL Injections