Vulnerabilities and security researches forwp-business-intelligence-lite wp-business-intelligence-lite
Direction: ascendingJun 06, 2024
WP Business Intelligence Lite # CVE-2015-9326
- CVE, Research URL
- Home page URL
- Application
- Date
- Aug 16, 2019
- Research Description
- The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection.
- Affected versions
-
max 1.6.3.
- Status
-
vulnerable
Jun 16, 2026
WP Business Intelligence Lite # e4bd1c5964f7200c2d1f4f2ac0e8af5f42dfc0dd
- CVE, Research URL
- Home page URL
- Application
- Date
- Aug 01, 2023
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.1 (closed) WordPress Business Intelligence Lite Plugin <= 1.0.6 is vulnerable to Arbitrary Code Execution Update the plugin. Manish Kishan Tanwar discovered and reported this Arbitrary Code Execution vulnerability in WordPress Business Intelligence Lite Plugin. This could allow a malicious actor to remotely execute malicious code on your site. This vulnerability has been fixed in version 1.1.
- Affected versions
-
max 1.1.
- Status
-
vulnerable
WP Business Intelligence Lite # 10b0f1eb781c0e45725112dd150ac422d7dde272
- CVE, Research URL
- Home page URL
- Application
- Date
- Apr 01, 2023
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.6.2 (closed) WordPress Business Intelligence Lite Plugin <= 1.6.1 is vulnerable to SQL Injection Update the plugin. Jagriti Sahu AKA Incredible discovered and reported this SQL Injection vulnerability in WordPress Business Intelligence Lite Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information. This vulnerability has been fixed in version 1.6.2.
- Affected versions
-
max 1.6.2.
- Status
-
vulnerable
WP Business Intelligence Lite # a0589247a7a70882cc77d4254e5764556621c9fb
- CVE, Research URL
- Home page URL
- Application
- Date
- May 05, 2026
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] <= 3.2.0 (unfixed + closed) WordPress Business Intelligence Lite Plugin <= 3.2.0 is vulnerable to a high priority Broken Access Control <p>WordPress Business Intelligence Lite Plugin <= 3.2.0 is vulnerable to a high priority Broken Access Control</p><p>Software: Business Intelligence Lite</p><p>Affected Version <= 3.2.0</p><p>CVE: Unknown</p>
- Affected versions
-
max 3.2.0.
- Status
-
vulnerable
WP Business Intelligence Lite # c9507068412002222a8fa0d75ebcb26215a28b62
- CVE, Research URL
- Home page URL
- Application
- Date
- Aug 01, 2014
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.1 (closed) WordPress Business Intelligence Lite Plugin <= 1.0.6 - Remote Code Execution This plugin is prone to a remote code execution exploit because of ofc_upload_image.php file parameters. Update the plugin.
- Affected versions
-
max 1.1.
- Status
-
vulnerable
WP Business Intelligence Lite # 278531677d54e6177eb15fbbf72da8d2a8e8e684
- CVE, Research URL
- Home page URL
- Application
- Date
- Apr 01, 2015
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.6.2 (closed) WordPress Business Intelligence Lite Plugin <= 1.6.1 - SQL Injection This plugin is prone to an SQL injection vulnerability, because data is not filtering in GET parameter ' t ', which in is file 'view.php'. Update the plugin.
- Affected versions
-
max 1.6.2.
- Status
-
vulnerable
WP Business Intelligence Lite # 790bcfe587c7d3ce865ea4151cfd13cea832be9c
- CVE, Research URL
- Home page URL
- Application
- Date
- Apr 02, 2015
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] <= 1.6.1 (closed) WordPress Business Intelligence Plugin - SQL injection This WordPress Business Intelligence plugin's "t" parameter is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Upgrade the plugin.
- Affected versions
-
max 1.6.1.
- Status
-
vulnerable
WP Business Intelligence Lite # 4b04b36974b978ce379a18f6e2f44f7f7d11e238
- CVE, Research URL
- Home page URL
- Application
- Date
- Mar 28, 2014
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.3 (closed) WP Business intelligence lite < 1.3 - Arbitrary File Upload The WP Business intelligence lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'ofc_upload_image.php' files in versions before 1.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.
- Affected versions
-
max 1.3.
- Status
-
vulnerable
WP Business Intelligence Lite # bfe5ab85-092a-49ba-8632-671a594b5d62
- CVE, Research URL
- Home page URL
- Application
- Date
- -
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] < 1.1 (closed) WP Business intelligence lite <= 1.0.6 - Remote Code Execution Exploit The WP Business Intelligence Lite WordPress plugin was affected by a Remote Code Execution Exploit security vulnerability.
- Affected versions
-
max 1.1.
- Status
-
vulnerable
WP Business Intelligence Lite # 5850fb83027dffb242ec789921e562b3eb98f442
- CVE, Research URL
- Home page URL
- Application
- Date
- May 04, 2026
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] <= 3.2.0 (unfixed + closed) WP Business Intelligence Lite <= 3.2.0 - Authenticated (Subscriber+) Missing Authorization to Privilege Escalation via Arbitrary SQL Modification The WP Business Intelligence Lite plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.2.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify stored SQL queries, which can lead to privilege escalation via arbitrary SQL execution when the modified query is viewed by an administrator.
- Affected versions
-
max 3.2.0.
- Status
-
vulnerable
WP Business Intelligence Lite # a2666752da8b81042adfd74bba5761c91b15a5cf
- CVE, Research URL
- Home page URL
- Application
- Date
- May 05, 2026
- Research Description
- WP Business Intelligence Lite [wp-business-intelligence-lite] <= 3.2.0 (unfixed + closed) WP Business Intelligence Lite <= 3.2.0 - Missing Authorization The WP Business Intelligence Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.
- Affected versions
-
max 3.2.0.
- Status
-
vulnerable
Jul 13, 2026
WP Business Intelligence Lite # CVE-2026-15293
- CVE, Research URL
- Home page URL
- Application
- Date
- Jul 10, 2026
- Research Description
- The WP Business Intelligence Lite plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.2.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify stored SQL queries, which can lead to privilege escalation via arbitrary SQL execution when the modified query is viewed by an administrator.
- Affected versions
-
max 3.2.0.
- Status
-
vulnerable