Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2)

June 3, 2025

Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (

Full Disclosure
mailing list archives
Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (
Date: Fri, 30 May 2025 13:31 …

Published Date:
Jun 03, 2025 (2 hours, 5 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2019-9978

Source: Read More

Previous ArticleCVE-2024-47081: Netrc credential leak in PSF requests library

Next Article Androidlekken kunnen malafide apps ongemerkt meer permissies geven

Highlights

CVE-2025-3280 – ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes SQL Injection

April 24, 2025

CVE ID : CVE-2025-3280

Published : April 24, 2025, 9:15 a.m. | 1 hour, 28 minutes ago

Description : The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is vulnerable to SQL Injection via the ‘attribute_value_filter’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2)

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

12 Best Free and Open Source Text-Based Bookmark Managers

Want to try ChatGPT’s Deep Research tool for free? Check out the lightweight version

CVE-2025-4469 – SourceCodester Online Student Clearance System Cross Site Scripting Vulnerability

CVE-2025-5004 – “Projectworlds Online Time Table Generator SQL Injection Vulnerability”

CVE-2025-3280 – ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes SQL Injection

10 Weird Startup Ideas That Might Just Work

CVE-2025-3985 – Apereo CAS Remote Regular Expression Denial of Service (DoS)

CVE-2025-6133 – Projectworlds Life Insurance Management System SQL Injection Vulnerability

Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2)

Related Posts