Filtered by vendor Tri
Subscriptions
Filtered by product Gigpress
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-0381 | 1 Tri | 1 Gigpress | 2023-11-07 | 8.8 High |
The GigPress WordPress plugin through 2.3.28 does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscriber to perform SQL Injection attacks | ||||
CVE-2015-4066 | 1 Tri | 1 Gigpress | 2021-08-19 | N/A |
Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_artist_id or (2) show_venue_id parameter in an add action in the gigpress.php page to wp-admin/admin.php. | ||||
CVE-2015-9353 | 1 Tri | 1 Gigpress | 2019-09-09 | 7.2 High |
The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066. |
Page 1 of 1.