39 matches found
CVE-2026-52712
Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...
CVE-2026-52712 WordPress Attendance Manager plugin <= 0.6.2 - SQL Injection vulnerability
Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...
EUVD-2026-37049
Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...
CVE-2026-52712
CVE-2026-52712 affects the WordPress Attendance Manager plugin version <= 0.6.2 and is described as a Subscriber SQL Injection vulnerability. The initial documents cite a CVSSv3.1 base score of 7.6 (High) with network attack vector, low attack complexity, and high confidentiality impact, but d...
CVE-2026-3781
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
PT-2026-33420
Name of the Vulnerable Software and Affected Versions CodeAstro Simple Attendance Management System version 1.0 Description A SQL injection allows remote unauthenticated attackers to bypass authentication. This occurs via the username parameter in the 'index.php' endpoint. Recommendations At the...
EUVD-2026-20107
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
WordPress Attendance Manager plugin <= 0.6.2 - Authenticated (Subscriber+) SQL Injection via 'attmgr_off' Parameter vulnerability
Authenticated Subscriber+ SQL Injection via 'attmgroff' Parameter vulnerability discovered by Maurice Fielenbach Hexastrike - Hexastrike Cybersecurity UG haftungsbeschränkt in WordPress Plugin Attendance Manager versions = 0.6.2...
CVE-2026-3781
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2026-3781 Attendance Manager <= 0.6.2 - Authenticated (Subscriber+) SQL Injection via 'attmgr_off' Parameter
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2026-3781
Affected product: Attendance Manager plugin for WordPress. Vulnerability: SQL Injection via the 'attmgr_off' parameter in all versions up to and including 0.6.2, caused by insufficient escaping of user input and inadequate preparation of the SQL query. Impact (as stated): authenticated attackers ...
CVE-2026-3781 Attendance Manager <= 0.6.2 - Authenticated (Subscriber+) SQL Injection via 'attmgr_off' Parameter
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
WordPress plugin Attendance Manager SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-31098
The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgr off' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
EUVD-2019-15539
Malware in sbrugna...
EUVD-2019-15538
Malware in sbrugna...
EUVD-2025-11338
Malicious code in bioql PyPI...
CVE-2019-5970
Cross-site scripting vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2019-5971
Cross-site request forgery CSRF vulnerability in Attendance Manager 0.5.6 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors...
CVE-2025-39515
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tnomi Attendance Manager attendance-manager allows Stored XSS.This issue affects Attendance Manager: from n/a through = 0.6.2...