Injection flaws allow attackers to relay malicious code through an application to another system. These attacks include calls to the operating system via system calls, the use of external programs via shell commands, as well as calls to backend databases via SQL (i.e., SQL injection). Any time an application uses an interpreter of any type there is a danger of introducing an injection vulnerability.
Type of Injection Flaws:
Reference Source:
| Status | Component Name | Version | Disclosed By | Disclosure Date | Access Level | CVE-Number |
|---|---|---|---|---|---|---|
 |
wp-plugin : unlimited-popups | 4.5.3 | Shreya Pohekar | 2021/10/07 | Editor | CVE-2021-24631 |
|
wp-plugin : schreikasten | 0.14.18 | Shreya Pohekar | 2021/10/07 | Author | CVE-2021-24630 |
|
wp-plugin : post-content-xmlrpc | 1 | Shreya Pohekar | 2021/10/07 | Administrator | CVE-2021-24629 |
|
wp-plugin : mwp-forms | 3.1.3 | Shreya Pohekar | 2021/10/07 | Administrator | CVE-2021-24628 |
|
wp-plugin : g-auto-hyperlink | 1.0.1 | Shreya Pohekar | 2021/10/07 | Administrator | CVE-2021-24627 |
|
wp-plugin : chameleon-css | 1.2 | Shreya Pohekar | 2021/10/07 | Subscriber | CVE-2021-24626 |
|
wp-plugin : catalog | 1.7.3 | Shreya Pohekar | 2021/10/07 | Administrator | CVE-2021-24625 |
|
wp-plugin : wpagecontact | 1 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24403 |
|
wp-plugin : wp-icommerce | 1.1.1 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24402 |
|
wp-plugin : wp-domain-redirect | 1 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24401 |
|
wp-plugin : wp-display-users | 2.0.0 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24400 |
|
wp-plugin : wp-board | 1.1(Beta) | Syed Sheeraz Ali | 2021/08/22 | Subscriber | CVE-2021-24404 |
|
wp-plugin : the-sorter | 1.2 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24399 |
 |
wp-plugin : purple-xmls-google-product-feed-for-woocommerce | 3.3.0.3 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24511 |
|
wp-plugin : morpheus-slider | 1.2 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24398 |
|
wp-plugin : microcopy | 1.1.0 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24397 |
|
wp-plugin : gseor | 1.3 | Syed Sheeraz Ali | 2021/08/22 | Administrator | CVE-2021-24396 |
|
wp-plugin : wp-paytm-pay | 1.3.2 | Shreya Pohekar | 2021/07/23 | Administrator | CVE-2021-24554 |
|
wp-plugin : timeline-calendar | 1.2 | Shreya Pohekar | 2021/07/23 | Administrator | CVE-2021-24553 |
|
wp-plugin : simple-events-calendar | 1.4.0 | Shreya Pohekar | 2021/07/23 | Administrator | CVE-2021-24552 |
|
wp-plugin : m-vslider | 2.1.3 | Shreya Pohekar | 2021/07/23 | Administrator | CVE-2021-24557 |
|
wp-plugin : embed-youtube-video | 1 | Syed Sheeraz Ali | 2021/07/23 | Administrator | CVE-2021-24395 |
|
wp-plugin : edit-comments | 0.3 | Shreya Pohekar | 2021/07/23 | Unauthenticated | CVE-2021-24551 |
|
wp-plugin : easy-testimonial-manager | 1.2.0 | Syed Sheeraz Ali | 2021/07/23 | Administrator | CVE-2021-24394 |
|
wp-plugin : diary-availability-calendar | 1.0.3 | Shreya Pohekar | 2021/07/23 | Subscriber | CVE-2021-24555 |
|
wp-plugin : comment-highlighter | 0.13 | Syed Sheeraz Ali | 2021/07/23 | Administrator | CVE-2021-24393 |
|
wp-plugin : club-management-software | 1 | Syed Sheeraz Ali | 2021/07/23 | Administrator | CVE-2021-24392 |
|
wp-plugin : cashtomer | 1 | Syed Sheeraz Ali | 2021/07/23 | Subscriber | CVE-2021-24391 |
|
wp-plugin : broken-link-manager | 0.6.5 | Shreya Pohekar | 2021/07/23 | Administrator | CVE-2021-24550 |
|
wp-plugin : alipay | 3.7.2 | Syed Sheeraz Ali | 2021/07/23 | Administrator | CVE-2021-24390 |
|
wp-plugin : handsome-testimonials | 2.0.7 | Shreya Pohekar | 2021/06/29 | Subscriber | CVE-2021-24492 |
|
wp-plugin : xllentech-english-islamic-calendar | 2.6.6 | Syed Sheeraz Ali | 2021/05/27 | Administrator | CVE-2021-24341 |
|
wp-plugin : side-menu | 3.1.3 | Shreya Pohekar | 2021/05/27 | Administrator | CVE-2021-24348 |
|
wp-plugin : sendit | 2.5.1 | Shreya Pohekar | 2021/05/27 | Administrator | CVE-2021-24345 |
|
wp-plugin : video-embed-box | 1 | Syed Sheeraz Ali | 2021/05/19 | Subscriber | CVE-2021-24337 |
|
wp-plugin : flightlog | 3.0.2 | Shreya Pohekar | 2021/05/19 | Editor | CVE-2021-24336 |
|
wp-plugin : cars-seller-auto-classifieds-script | 2.1.0 | Shreya Pohekar | 2021/04/26 | Unauthenticated | CVE-2021-24285 |
|
wp-plugin : enl-newsletter | 1.0.1 | Anantshri | 2014/05/28 | Administrator | CVE-2014-4939 |
|
wp-plugin : ultimate-product-catalogue | Anantshri | 2014/05/28 | Administrator | Not Assigned | |
|
wp-plugin : simple-retail-menus | 4.0.1 | Anantshri | 2014/05/28 | Editor | Not Assigned |
|
wp-plugin : hdw-player-video-player-video-gallery | 2.4.2 | Anantshri | 2014/05/28 | Administrator | Not Assigned |
|
wp-plugin : all-video-gallery | 1.2 | Anantshri | 2014/05/28 | Administrator | Not Assigned |
|
wp-plugin : wp-rss-poster | 1.0.0 | Anantshri | 2014/05/28 | Unauthenticated | CVE-2014-4938 |
|
wp-plugin : yawpp | 1.2 | Anantshri | 2014/05/28 | Contributor | Not Assigned |
|
wp-plugin : stripshow | 2.5.2 | Anantshri | 2014/05/28 | Administrator | Not Assigned |
|
wp-plugin : quartz | 1.01.1 | Anantshri | 2014/05/28 | Contributor | Not Assigned |