CVE-2026-3057 a54552239 pearProjectApi Backend Task.php dateTotalForProject sql injection

A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Interface. The manipulation of the argument projectCode results in sql injection. The attack can be...

CVE-2026-3057

A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Interface. The manipulation of the argument projectCode results in sql injection. The attack can be...

PT-2026-21654

Name of the Vulnerable Software and Affected Versions a54552239 pearProjectApi versions up to 2.8.10 Description A security flaw exists in a54552239 pearProjectApi. The dateTotalForProject function within the application/common/Model/Task.php file of the Backend Interface component is susceptible...

WordPress Checkbox plugin <= 2.8.10 - Missing Authorization to Unauthenticated Log Clearing vulnerability

Missing Authorization to Unauthenticated Log Clearing vulnerability discovered by Legion Hunter in WordPress Plugin Checkbox versions = 2.8.10...

EUVD-2025-198407

The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...

CVE-2025-12170 Checkbox <= 2.8.10 - Missing Authorization to Unauthenticated Log Clearing

The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...

EUVD-2021-11831

Malware in sbrugna...

EUVD-2012-4914

Malware in sbrugna...

EUVD-2014-2270

Malware in sbrugna...

EUVD-2024-43368

Malicious code in bioql PyPI...

CVE-2025-57937 WordPress WPeMatico RSS Feed Fetcher Plugin <= 2.8.10 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Retrieve Embedded Sensitive Data.This issue affects WPeMatico RSS Feed Fetcher: from n/a through = 2.8.10...

CVE-2025-57937 WordPress WPeMatico RSS Feed Fetcher Plugin <= 2.8.10 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in etruel WPeMatico RSS Feed Fetcher allows Retrieve Embedded Sensitive Data. This issue affects WPeMatico RSS Feed Fetcher: from n/a through 2.8.10...

CVE-2025-57937

CVE-2025-57937 describes a missing access control in the WPeMatico RSS Feed Fetcher (WPematico) plugin. The vulnerability exposes sensitive system information to an unauthorized actor, allowing retrieval of embedded sensitive data. Affected component: WPeMatico RSS Feed Fetcher; affected versions...

WordPress plugin WPeMatico RSS Feed Fetcher 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-47569

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through = 2.9.6...

CVE-2025-47569 WordPress WooCommerce Ultimate Gift Card plugin <= 2.9.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through = 2.9.6...

CVE-2025-47569 WordPress WooCommerce Ultimate Gift Card plugin <= 2.8.10 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates. This issue affects WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards...

WordPress plugin WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WooCommerce Ultimate Gift...

PT-2025-36761

Name of the Vulnerable Software and Affected Versions: WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates versions through 2.8.10 Description: The software contains an SQL injection flaw that allows attackers to manipulate commands. This...

CVE-2024-49305

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFactory Email Verification for WooCommerce emails-verification-for-woocommerce allows SQL Injection.This issue affects Email Verification for WooCommerce: from n/a through = 2.8.10...