cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forwp-business-intelligence-lite wp-business-intelligence-lite

Direction: ascending
Jun 06, 2024

WP Business Intelligence Lite # CVE-2015-9326

CVE, Research URL

CVE-2015-9326

Date
Aug 16, 2019
Research Description
The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection.
Affected versions
max 1.6.3.
Status
vulnerable
Jun 16, 2026

WP Business Intelligence Lite # e4bd1c5964f7200c2d1f4f2ac0e8af5f42dfc0dd

Date
Aug 01, 2023
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.1 (closed) WordPress Business Intelligence Lite Plugin <= 1.0.6 is vulnerable to Arbitrary Code Execution Update the plugin. Manish Kishan Tanwar discovered and reported this Arbitrary Code Execution vulnerability in WordPress Business Intelligence Lite Plugin. This could allow a malicious actor to remotely execute malicious code on your site. This vulnerability has been fixed in version 1.1.
Affected versions
max 1.1.
Status
vulnerable

WP Business Intelligence Lite # 10b0f1eb781c0e45725112dd150ac422d7dde272

Date
Apr 01, 2023
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.6.2 (closed) WordPress Business Intelligence Lite Plugin <= 1.6.1 is vulnerable to SQL Injection Update the plugin. Jagriti Sahu AKA Incredible discovered and reported this SQL Injection vulnerability in WordPress Business Intelligence Lite Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information. This vulnerability has been fixed in version 1.6.2.
Affected versions
max 1.6.2.
Status
vulnerable

WP Business Intelligence Lite # a0589247a7a70882cc77d4254e5764556621c9fb

Date
May 05, 2026
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] <= 3.2.0 (unfixed + closed) WordPress Business Intelligence Lite Plugin <= 3.2.0 is vulnerable to a high priority Broken Access Control <p>WordPress Business Intelligence Lite Plugin <= 3.2.0 is vulnerable to a high priority Broken Access Control</p><p>Software: Business Intelligence Lite</p><p>Affected Version <= 3.2.0</p><p>CVE: Unknown</p>
Affected versions
max 3.2.0.
Status
vulnerable

WP Business Intelligence Lite # c9507068412002222a8fa0d75ebcb26215a28b62

Date
Aug 01, 2014
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.1 (closed) WordPress Business Intelligence Lite Plugin <= 1.0.6 - Remote Code Execution This plugin is prone to a remote code execution exploit because of ofc_upload_image.php file parameters. Update the plugin.
Affected versions
max 1.1.
Status
vulnerable

WP Business Intelligence Lite # 278531677d54e6177eb15fbbf72da8d2a8e8e684

Date
Apr 01, 2015
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.6.2 (closed) WordPress Business Intelligence Lite Plugin <= 1.6.1 - SQL Injection This plugin is prone to an SQL injection vulnerability, because data is not filtering in GET parameter ' t ', which in is file 'view.php'. Update the plugin.
Affected versions
max 1.6.2.
Status
vulnerable

WP Business Intelligence Lite # 790bcfe587c7d3ce865ea4151cfd13cea832be9c

Date
Apr 02, 2015
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] <= 1.6.1 (closed) WordPress Business Intelligence Plugin - SQL injection This WordPress Business Intelligence plugin's "t" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Upgrade the plugin.
Affected versions
max 1.6.1.
Status
vulnerable

WP Business Intelligence Lite # 4b04b36974b978ce379a18f6e2f44f7f7d11e238

Date
Mar 28, 2014
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.3 (closed) WP Business intelligence lite < 1.3 - Arbitrary File Upload The WP Business intelligence lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ofc_upload_image.php' files in versions before 1.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
Affected versions
max 1.3.
Status
vulnerable

WP Business Intelligence Lite # bfe5ab85-092a-49ba-8632-671a594b5d62

Date
-
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.1 (closed) WP Business intelligence lite &lt;= 1.0.6 - Remote Code Execution Exploit The WP Business Intelligence Lite WordPress plugin was affected by a Remote Code Execution Exploit security vulnerability.
Affected versions
max 1.1.
Status
vulnerable

WP Business Intelligence Lite # 5850fb83027dffb242ec789921e562b3eb98f442

Date
May 04, 2026
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] <= 3.2.0 (unfixed + closed) WP Business Intelligence Lite <= 3.2.0 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary SQL Modification The WP Business Intelligence Lite plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.2.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify stored SQL queries, which can lead to privilege escalation via arbitrary SQL execution when the modified query is viewed by an administrator.
Affected versions
max 3.2.0.
Status
vulnerable

WP Business Intelligence Lite # a2666752da8b81042adfd74bba5761c91b15a5cf

Date
May 05, 2026
Research Description
WP Business Intelligence Lite [wp-business-intelligence-lite] <= 3.2.0 (unfixed + closed) WP Business Intelligence Lite <= 3.2.0 - Missing Authorization The WP Business Intelligence Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.
Affected versions
max 3.2.0.
Status
vulnerable
Jul 13, 2026

WP Business Intelligence Lite # CVE-2026-15293

CVE, Research URL

CVE-2026-15293

Date
Jul 10, 2026
Research Description
The WP Business Intelligence Lite plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.2.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify stored SQL queries, which can lead to privilege escalation via arbitrary SQL execution when the modified query is viewed by an administrator.
Affected versions
max 3.2.0.
Status
vulnerable