Vulnerabilities > Wowonder > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-15 | CVE-2022-40405 | SQL Injection vulnerability in Wowonder 4.1.2 WoWonder Social Network Platform v4.1.2 was discovered to contain a SQL injection vulnerability via the offset parameter at requests.php?f=load-my-blogs. | 7.5 |
| 2021-03-18 | CVE-2021-26935 | SQL Injection vulnerability in Wowonder In WoWonder < 3.1, remote attackers can gain access to the database by exploiting a requests.php?f=search-my-followers SQL Injection vulnerability via the event_id parameter. | 7.5 |