Vulnerabilities > Bestwebsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-36508 | Unspecified vulnerability in Bestwebsoft Contact Form to DB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress contact-form-to-db allows SQL Injection.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.1. | 9.8 |
| 2022-10-25 | CVE-2022-3393 | Unspecified vulnerability in Bestwebsoft Post to CSV The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields when exporting data as CSV, leading to a CSV injection | 9.8 |
| 2019-08-22 | CVE-2015-9335 | SQL Injection vulnerability in Bestwebsoft Limit Attempts The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling. | 9.8 |
| 2019-08-16 | CVE-2015-9325 | SQL Injection vulnerability in Bestwebsoft Visitors Online 0.1/0.2/0.3 The visitors-online plugin before 0.4 for WordPress has SQL injection. | 9.8 |