6 matches found
CVE-2026-2495
The WPNakama – Team and multi-Client Collaboration, Editorial and Project Management plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the '/wp-json/WPNakama/v1/boards' REST API endpoint in all versions up to, and including, 0.6.5. This is due to insufficient escapi...
CVE-2026-2495 WPNakama <= 0.6.5 - Unauthenticated SQL Injection via 'order' REST API Parameter
The WPNakama – Team and multi-Client Collaboration, Editorial and Project Management plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the '/wp-json/WPNakama/v1/boards' REST API endpoint in all versions up to, and including, 0.6.5. This is due to insufficient escapi...
CVE-2026-2495
The WPNakama – Team and multi-Client Collaboration, Editorial and Project Management plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the '/wp-json/WPNakama/v1/boards' REST API endpoint in all versions up to, and including, 0.6.5. This is due to insufficient escapi...
CVE-2026-2495
CVE-2026-2495 (WPNakama) is an unauthenticated SQL Injection in the WordPress plugin WPNakama – Team and multi-Client Collaboration, Editorial and Project Management. Affects versions up to and including 0.6.5, via the order parameter of the /wp-json/WPNakama/v1/boards REST API endpoint. The vuln...
WordPress plugin WPNakama SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Invoke 安全漏洞
Invoke is a leading creative engine for stabilizing diffusion models open-sourced by InvokeAI. A security vulnerability exists in Invoke version v5.0.2, which stems from a denial of service attack vulnerability in the /api/v1/boards/boardid endpoint...