Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2017-09-14	CVE-2017-1002025	SQL Injection vulnerability in Add-Edit-Delete-Listing-For-Member-Module Project Add-Edit-Delete-Listing-For-Member-Module 1.0 Vulnerability in wordpress plugin add-edit-delete-listing-for-member-module v1.0, The plugin author does not sanitize user supplied input via $act before passing it into an SQL statement. network low complexity add-edit-delete-listing-for-member-module-project CWE-89	7.2
2017-09-14	CVE-2017-1002023	SQL Injection vulnerability in Daisythemes Easy Team Manager 1.3.2 Vulnerability in wordpress plugin Easy Team Manager v1.3.2, The code does not sanitize id before making it part of an SQL statement in file ./easy-team-manager/inc/easy_team_manager_desc_edit.php network low complexity daisythemes CWE-89 critical	9.8
2017-09-14	CVE-2017-1002022	SQL Injection vulnerability in Surveys Project Surveys 1.01.8 Vulnerability in wordpress plugin surveys v1.01.8, The code in questions.php does not sanitize the survey variable before placing it inside of an SQL query. network low complexity surveys-project CWE-89 critical	9.8
2017-09-14	CVE-2017-1002021	SQL Injection vulnerability in Surveys Project Surveys 1.01.8 Vulnerability in wordpress plugin surveys v1.01.8, The code in individual_responses.php does not sanitize the survey_id variable before placing it inside of an SQL query. network low complexity surveys-project CWE-89 critical	9.8
2017-09-14	CVE-2017-1002020	SQL Injection vulnerability in Surveys Project Surveys 1.01.8 Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query. network low complexity surveys-project CWE-89 critical	9.8
2017-09-14	CVE-2017-1002019	SQL Injection vulnerability in Eventr Project Eventr 1.02.2 Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and event_form.php code do not sanitize input, this allows for blind SQL injection via the event parameter. network low complexity eventr-project CWE-89 critical	9.8
2017-09-14	CVE-2017-1002018	SQL Injection vulnerability in Eventr Project Eventr 1.02.2 Vulnerability in wordpress plugin eventr v1.02.2, The edit.php form and attendees.php code do not sanitize input, this allows for blind SQL injection via the event parameter. network low complexity eventr-project CWE-89 critical	9.8
2017-09-14	CVE-2017-1002015	SQL Injection vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2 Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via selectMulGallery parameter. network low complexity anblik CWE-89 critical	9.8
2017-09-14	CVE-2017-1002014	SQL Injection vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2 Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection in image-gallery-with-slideshow/admin_setting.php via gallery_name parameter. network low complexity anblik CWE-89 critical	9.8
2017-09-14	CVE-2017-1002013	SQL Injection vulnerability in Anblik Image-Gallery-With-Slideshow 1.5.2 Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, Blind SQL Injection via imgid parameter in image-gallery-with-slideshow/admin_setting.php. network low complexity anblik CWE-89 critical	9.8