4695 matches found
CVE-2025-69337 WordPress Wolmart Core plugin <= 1.9.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Wolmart Core wolmart-core allows Blind SQL Injection.This issue affects Wolmart Core: from n/a through = 1.9.6...
CVE-2025-69337
CVE-2025-69337 corresponds to an SQL Injection vulnerability in the WordPress Wolmart Core plugin (wolmart-core) up to version 1.9.6. The issue is described as a Blind SQL Injection arising from improper neutralization of special elements in SQL commands. Wordfence’s vulnerability feed lists Wolm...
CVE-2025-69366 WordPress Emerce Core plugin <= 1.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Emerce Core emerce-core allows Blind SQL Injection.This issue affects Emerce Core: from n/a through = 1.8...
CVE-2025-69310 WordPress Woodly Core plugin <= 1.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Woodly Core woodly-core allows Blind SQL Injection.This issue affects Woodly Core: from n/a through = 1.4...
CVE-2025-69308 WordPress Nestbyte Core plugin <= 1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Nestbyte Core nestbyte-core allows Blind SQL Injection.This issue affects Nestbyte Core: from n/a through = 1.2...
CVE-2025-69309 WordPress Saasplate Core plugin <= 1.2.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Saasplate Core saasplate-core allows Blind SQL Injection.This issue affects Saasplate Core: from n/a through = 1.2.8...
CVE-2025-69308 WordPress Nestbyte Core plugin <= 1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Nestbyte Core nestbyte-core allows Blind SQL Injection.This issue affects Nestbyte Core: from n/a through = 1.2...
CVE-2025-69310
CVE-2025-69310 affects Woodly Core (WordPress Woodly Core plugin) up to version 1.4, with an SQL Injection vulnerability caused by improper neutralization of elements in an SQL command. The issue enables Blind SQL Injection and is rated high (CVSS 3.1: 9.3, AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L). T...
CVE-2025-69306
The CVE-2025-69306 entry concerns WordPress Electio Core (electio-core) plugin versions up to 1.4, with an Unauthenticated SQL Injection vulnerability caused by improper neutralization of SQL commands. Public references indicate the issue affects Electio Core and describe it as Blind SQL Injectio...
CVE-2025-69304
CVE-2025-69304 affects WordPress Allmart plugin (allmart-core) up to version 1.1, with an unauthenticated Blind SQL Injection due to improper neutralization of SQL elements. CVSS 3.1 base score 9.3 (CRITICAL). Connected sources confirm the vulnerability description and affected versions, but do n...
CVE-2025-69304 WordPress Allmart plugin <= 1.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a through = 1.1...
CVE-2025-69305 WordPress Crete Core plugin <= 1.4.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: from n/a through = 1.4.3...
CVE-2025-69304 WordPress Allmart plugin <= 1.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a through = 1.1...
CVE-2025-69305
CVE-2025-69305 is a documented SQL injection affecting WordPress Crete Core plugin versions up to and including 1.4.3, with exploitation described as Blind SQL Injection. The CVE entry is supported by multiple connected sources: NVD/NVD metadata notes Crete Core
CVE-2025-69295
CVE-2025-69295 is a Blind SQL Injection vulnerability in the WordPress Coven Core (coven-core) plugin. Affected versions are Coven Core up to 1.3. The root cause is improper neutralization/sanitization of user input before SQL query construction, enabling remote attackers to craft queries that af...
CVE-2025-69295 WordPress Coven Core plugin <= 1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Coven Core coven-core allows Blind SQL Injection.This issue affects Coven Core: from n/a through = 1.3...
CVE-2025-10970
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Kolay Software Inc. Talentics allows Blind SQL Injection. This issue affects Talentics: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2025-10970
CVE-2025-10970 applies to Kolay Software Inc. Talentics (through version 20022026). The issue is an SQL Injection in Talentics caused by improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Several sources (NVD/Red Hat/CVE listing) confirm the vulnerability d...
PT-2026-21134
Name of the Vulnerable Software and Affected Versions TeconceTheme Medinik Core versions through 1.3.6 Description A flaw exists in TeconceTheme Medinik Core medinik-core that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. Recommendations...
PT-2026-21131
Name of the Vulnerable Software and Affected Versions TeconceTheme Allmart versions through 1.1 Description The software contains an Improper Neutralization of Special Elements used in an SQL Command vulnerability, specifically a Blind SQL Injection issue. This allows for potential exploitation...