WordPress Plugin Vulnerabilities

Community Events < 1.2.3 - SQL Injection

Description

The Community Events WordPress plugin was affected by a SQL Injection security vulnerability.

Proof of Concept

Affects Plugins

Plugin icon
community-events
Fixed in 1.2.3

References

Exploitdb
17798

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
e7792a37-ba58-4d47-927c-f7389b548498

Timeline

Publicly Published
2011-09-08 (about 14 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2023-02-06
Title
My Sticky Elements < 2.0.9 - Admin+ SQLi
Published
2018-11-29
Title
LoginPress <= 1.1.15 - Authenticated Blind SQL Injection
Published
2024-11-18
Title
Post Ideas <= 2 - Unauthenticated SQL Injection
Published
2025-01-15
Title
Taskbuilder < 3.0.7 - Authenticated (Subscriber+) SQL Injection
Published
2014-08-01
Title
WordPress Landing Pages < 1.2.3 - module.utils.php post Parameter SQL Injection