Stay informed about the latest WP SQL injections that have been identified and reported publicly. WP SQLi APR 2025 shows a 30% increase compared to the previous month, counting reports that specifically concern SQL injection. For your online safety, consider a managed WP/Woo security audit, switching to an alternative WP security plugin from the TOP10LIST, or hiring professionals for managed security.
If any of these publicly reported vulnerable plugins is installed on your domain, it opens Pandora’s box from a security point of view. The following cases were reported publicly in the WP SQLi APR 2025 & WP SQL Injections APR 2025 category:
Ads by WPQuads | SQL Injection (SQLi) |
AHAthat | SQL Injection (SQLi) from id Parameter |
AnalyticsWP | Unauthenticated SQL Injection (SQLi) |
ArielBrailovsky-ViralAd | Unauthenticated SQL Injection (SQLi) |
Automation By Autonami | Unauthenticated SQL Injection (SQLi) from 'automationId' |
Awesome Logos | Cross-Site Request Forgery (CSRF) to SQL Injection (SQLi) |
Bitcoin / AltCoin Payment Gateway for WooCommerce | SQL Injection (SQLi) |
bizcalendar-web | SQL Injection (SQLi) |
Cart tracking for WooCommerce | SQL Injection (SQLi) |
Church Admin | SQL Injection (SQLi) |
Code Clone | SQL Injection (SQLi) from snippetId Parameter |
WordPress CURCY - WooCommerce Multi Currency - Currency Switcher | Unauthenticated SQL Injection (SQLi) |
Duplicate Page and Post | SQL Injection (SQLi) |
Eventer | SQL Injection (SQLi) from reg_id |
EZ SQL Reports Shortcode Widget and DB Backup | Cross-Site Request Forgery (CSRF) to SQL Injection (SQLi) |
FlexStock | SQL Injection (SQLi) |
Flickr set slideshows | SQL Injection (SQLi) |
Flickr set slideshows | SQL Injection (SQLi) |
WordPress Hero Maps Premium - Customizable Google Maps Plugin | SQL Injection (SQLi) |
Hero Slider | SQL Injection (SQLi) |
JiangQie Official Website Mini Program | SQL Injection (SQLi) |
JS Help Desk | SQL Injection (SQLi) |
Lead Form Data Collection to CRM | SQL Injection (SQLi) |
MC Woocommerce Wishlist | SQL Injection (SQLi) |
Multiple Shipping And Billing Address For Woocommerce | SQL Injection (SQLi) |
Navigation Tree Elementor | SQL Injection (SQLi) |
Newsletters | SQL Injection (SQLi) |
Pods | SQL Injection (SQLi) |
PostMash | SQL Injection (SQLi) |
Post SMTP | SQL Injection (SQLi) from columns Parameter |
Product Catalog | SQL Injection (SQLi) |
Product Labels For Woocommerce | SQL Injection (SQLi) |
Product Labels For Woocommerce | SQL Injection (SQLi) |
ProfileGrid | SQL Injection (SQLi) |
PublishPress Authors | SQL Injection (SQLi) |
ReportAttacks | SQL Injection (SQLi) |
Schedule | SQL Injection (SQLi) |
School Management | SQL Injection (SQLi) from 'view-attendance' |
School Management | SQL Injection (SQLi) from 'mj_smgt_show_event_task' |
SEO Plugin by Squirrly SEO | SQL Injection (SQLi) |
SEO Plugin by Squirrly SEO | SQL Injection (SQLi) from search Parameter |
Shuffle | SQL Injection (SQLi) |
Simple Giveaways | SQL Injection (SQLi) |
Slider by BestWebSoft | SQL Injection (SQLi) |
SMS Alert Order Notifications – WooCommerce | SQL Injection (SQLi) |
STEdb Forms | SQL Injection (SQLi) |
Super Simple Subscriptions | SQL Injection (SQLi) |
teachPress | SQL Injection (SQLi) |
Thumbnail carousel slider | SQL Injection (SQLi) |
Traveler Theme | SQL Injection (SQLi) |
Trust Payments Gateway for WooCommerce | SQL Injection (SQLi) |
Ultimate Member | Unauthenticated SQL Injection (SQLi) from search Parameter |
Vimeotheque | SQL Injection (SQLi) |
Web Directory Free | SQL Injection (SQLi) |
WooCommerce Multivendor Marketplace – REST API | SQL Injection (SQLi) |
WooMail | Missing Authorization (BAC) to SQL Injection (SQLi) |
WordPress Awesome Import & Export Plugin - Import & Export WordPress Data | Missing Authorization (BAC) to SQL Execution (SQLi) and Privilege Escalation (BAC) |
WPCOM Member | Unauthenticated Time-Based SQL Injection (SQLi) |
WP Featured Entries | SQL Injection (SQLi) |
WP Google Calendar Manager | SQL Injection (SQLi) |
WP Google Review Slider | Cross-Site Request Forgery (CSRF) to SQL Injection (SQLi) |
WPGuppy | SQL Injection (SQLi) |
WP Multistore Locator | SQL Injection (SQLi) |
WP Profitshare | SQL Injection (SQLi) |
WP-Recall | SQL Injection (SQLi) |
WPSchoolPress | Parent's account SQL Injection (SQLi) |
WPSchoolPress | Teacher's account SQL Injection (SQLi) |
WP Subscription Forms | SQL Injection (SQLi) |
دکمه، شبکه اجتماعی خرید | SQL Injection (SQLi) |
WordPress SQL Injections (SQLi) reported in 2023: | 223 |
WordPress SQL Injections (SQLi) reported in 2024: | 385 |
WordPress SQL Injections (SQLi) reported in 2025: | 262 |