The Realty Workstation WordPress plugin through 1.0.6 does not sanitise and escape the trans_edit parameter before using it in a SQL statement when an agent…

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the ids from the bulk actions before using them in a SQL statement…

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the Update parameter before using it in a SQL statement when updating a…

The Note Press WordPress plugin through 0.1.10 does not sanitise and escape the id parameter before using it in various SQL statement via the admin…

The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lsp_slider_id parameter before using it in a SQL statement via the Manage…

The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id parameter before using it in a SQL statement when editing…

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via…

The Cube Slider WordPress plugin through 1.2 does not sanitise and escape the idslider parameter before using it in various SQL queries, leading to SQL…

The amtyThumb WordPress plugin through 4.2.0 does not sanitise and escape a parameter before using it in a SQL statement via its shortcode, leading to…

The WooCommerce Green Wallet Gateway WordPress plugin before 1.0.2 does not escape the error_envision query parameter before outputting it to the page, leading to a…