55 matches found
EUVD-2025-10110
Malicious code in bioql PyPI...
EUVD-2025-10112
Malicious code in bioql PyPI...
EUVD-2025-8329
Malicious code in bioql PyPI...
CVE-2024-10480
The 3DPrint Lite WordPress plugin before 2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2025-3430
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'printertext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3427
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'infilltext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3428
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'coatingtext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3428 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'coating_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'coatingtext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3428 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'coating_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'coatingtext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3430 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'printer_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'printertext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3430 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'printer_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'printertext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3430
CVE-2025-3430 affects the 3DPrint Lite WordPress plugin. The vulnerability is an SQL Injection in the printer_text parameter in all versions up to 2.1.3.6 caused by insufficient escaping and lack of proper query preparation. Impact: unauthenticated attackers can inject SQL to extract sensitive da...
CVE-2025-3429
CVE-2025-3429 affects the WordPress plugin 3DPrint Lite (versions up to 2.1.3.6). The vulnerability is an authenticated (Admin+) SQL Injection via the material_text parameter due to insufficient escaping in the query, enabling an attacker with admin privileges to append additional SQL statements ...
CVE-2025-3427
The CVE CVE-2025-3427 affects the WordPress plugin 3DPrint Lite (
CVE-2025-3427 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'infill_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'infilltext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3429 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'material_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'materialtext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3427 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'infill_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'infilltext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-3429 3DPrint Lite <=2.1.3.6 - Authenticated (Admin+) SQL Injection via 'material_text'
The 3DPrint Lite plugin for WordPress is vulnerable to SQL Injection via the 'materialtext' parameter in all versions up to, and including, 2.1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
WordPress plugin 3DPrint Lite SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A SQL injection...
PT-2025-15380 · WordPress · 3Dprint Lite
Name of the Vulnerable Software and Affected Versions: 3DPrint Lite plugin for WordPress versions up to, and including, 2.1.3.6 Description: The issue arises from insufficient escaping on the user-supplied infill text parameter and lack of sufficient preparation on the existing SQL query, making ...