WordPress Plugin Vulnerabilities

Top 10 <= 2.4.3 - Authenticated SQL Injection

Description

The Top 10 – Popular posts plugin for WordPress WordPress plugin was affected by an Authenticated SQL Injection security vulnerability.

Affects Plugins

Plugin icon
top-10
Fixed in 2.4.4

References

URL
https://plugins.trac.wordpress.org/changeset/1632430/top-10

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
911953d0-32af-499c-be52-9d3077ffd6d9

Timeline

Publicly Published
2017-12-19 (about 6 years ago)
Added
2017-12-19 (about 6 years ago)
Last Updated
2019-11-01 (about 4 years ago)

Other

Published
Title
Published
2021-01-18
Title
301 Redirects - Easy Redirect Manager < 2.51 - Authenticated SQL Injection
Published
2015-08-20
Title
Master Slider < 2.5.2 - Authenticated Blind SQL Injection
Published
2023-07-03
Title
User Activity Log < 1.6.3 - Admin+ SQL Injection
Published
2021-10-05
Title
Perfect Survey < 1.5.2 - Unauthenticated SQL Injection
Published
2017-02-26
Title
Note Press < 0.1.2 - SQL Injection