WordPress Plugin Vulnerabilities

FireStorm Professional Real Estate 2.06.01 - xml/marker_listings.php id Parameter SQL Injection

Description

The FireStorm Professional Real Estate Plugin WordPress plugin was affected by a xml/marker_listings.php id Parameter SQL Injection security vulnerability.

Affects Plugins

Plugin icon
fs-real-estate-plugin
Fixed in 2.06.04

References

Exploitdb
22071
URL
https://packetstormsecurity.com/files/#118232/
URL
https://exchange.xforce.ibmcloud.com/vulnerabilities/80261

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
13cb6783-9e44-433b-960a-28c71856d9f2

Timeline

Publicly Published
2014-08-01 (about 9 years ago)
Added
2014-08-01 (about 9 years ago)
Last Updated
2019-10-21 (about 4 years ago)

Other

Published
Title
Published
2014-08-01
Title
Eventify - Simple Events <= 1.7.f - SQL Injection
Published
2014-08-01
Title
Link Library < 5.7.9.7 - SQL Injection
Published
2023-10-30
Title
Wp photo text slider 50 < 8.1 - Authenticated (Subscriber+) SQL Injection via Shortcode
Published
2023-09-11
Title
Slimstat Analytics < 5.0.10 - Contributor+ SQL Injection
Published
2017-06-21
Title
Email Before Download < 4.0 - SQL Injection