Vulnerabilities > Mmrs151 > Daily Prayer Time > 2023.08.08.16
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-25 | CVE-2024-8621 | SQL Injection vulnerability in Mmrs151 Daily Prayer Time The Daily Prayer Time plugin for WordPress is vulnerable to SQL Injection via the 'max_word' attribute of the 'quran_verse' shortcode in all versions up to, and including, 2024.08.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 6.5 |
| 2023-11-22 | CVE-2023-47817 | Unspecified vulnerability in Mmrs151 Daily Prayer Time Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.10.13 versions. | 5.4 |