35 matches found
CVE-2026-3781
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
PT-2026-33420
Name of the Vulnerable Software and Affected Versions CodeAstro Simple Attendance Management System version 1.0 Description A SQL injection allows remote unauthenticated attackers to bypass authentication. This occurs via the username parameter in the 'index.php' endpoint. Recommendations At the...
EUVD-2026-20107
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
WordPress Attendance Manager plugin <= 0.6.2 - Authenticated (Subscriber+) SQL Injection via 'attmgr_off' Parameter vulnerability
Authenticated Subscriber+ SQL Injection via 'attmgroff' Parameter vulnerability discovered by Maurice Fielenbach Hexastrike - Hexastrike Cybersecurity UG haftungsbeschränkt in WordPress Plugin Attendance Manager versions = 0.6.2...
CVE-2026-3781
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2026-3781 Attendance Manager <= 0.6.2 - Authenticated (Subscriber+) SQL Injection via 'attmgr_off' Parameter
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2026-3781
Affected product: Attendance Manager plugin for WordPress. Vulnerability: SQL Injection via the 'attmgr_off' parameter in all versions up to and including 0.6.2, caused by insufficient escaping of user input and inadequate preparation of the SQL query. Impact (as stated): authenticated attackers ...
CVE-2026-3781 Attendance Manager <= 0.6.2 - Authenticated (Subscriber+) SQL Injection via 'attmgr_off' Parameter
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
PT-2026-31098
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgr off' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
WordPress plugin Attendance Manager SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
EUVD-2019-15539
Malware in sbrugna...
EUVD-2019-15538
Malware in sbrugna...
EUVD-2025-11338
Malicious code in bioql PyPI...
CVE-2019-5970
Cross-site scripting vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-5971
Cross-site request forgery CSRF vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2025-39515
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tnomi Attendance Manager attendance-manager allows Stored XSS.This issue affects Attendance Manager: from n/a through = 0.6.2...
WordPress Attendance Manager plugin <= 0.6.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Attendance Manager versions = 0.6.2...
CVE-2025-39515
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tnomi Attendance Manager attendance-manager allows Stored XSS.This issue affects Attendance Manager: from n/a through = 0.6.2...
CVE-2025-39515 WordPress Attendance Manager plugin <= 0.6.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tnomi Attendance Manager attendance-manager allows Stored XSS.This issue affects Attendance Manager: from n/a through = 0.6.2...
CVE-2025-39515
CVE-2025-39515 affects WordPress Attendance Manager. The issue is a stored cross-site scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Affected versions are Attendance Manager: from n/a through 0.6.2. The public documents describe the root cause...