WordPress CBX Bookmark & Favorite Plugin <= 2.0.4 - SQL Injection

CBX Bookmark & Favorite WordPress plugin = 2.0.4 contains a SQL injection caused by insufficient escaping of the 'orderby' parameter, letting authenticated attackers with Subscriber-level access extract sensitive database information id: CVE-2025-13652 info: name: WordPress CBX Bookmark & Favorit...

CVE-2025-13652

The CBX Bookmark & Favorite plugin for WordPress is vulnerable to generic SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

WordPress CBX Bookmark & Favorite plugin <= 2.0.4 - Authenticated (Subscriber+) SQL Injection via `orderby` Parameter vulnerability

Authenticated Subscriber+ SQL Injection via orderby Parameter vulnerability discovered by Muhamad Visat in WordPress Plugin CBX Bookmark & Favorite versions = 2.0.4...

CVE-2025-13652

The CVE-2025-13652 entry concerns CBX Bookmark & Favorite (WordPress) with a SQL Injection vulnerability via the orderby parameter in all versions up to 2.0.4. The issue arises from insufficient escaping and lack of proper SQL query preparation, enabling authenticated attackers with Subscriber+ p...

CVE-2025-13652 CBX Bookmark & Favorite <= 2.0.4 - Authenticated (Subscriber+) SQL Injection via `orderby` Parameter

The CBX Bookmark & Favorite plugin for WordPress is vulnerable to generic SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

PT-2026-1400

Name of the Vulnerable Software and Affected Versions CBX Bookmark & Favorite plugin for WordPress versions through 2.0.4 Description The software contains a SQL Injection flaw due to inadequate input sanitization of the orderby parameter. This allows authenticated attackers with Subscriber-level...

WordPress plugin CBX Bookmark & Favorite SQL注入漏洞

...

CVE-2025-66101

Missing Authorization vulnerability in Sabuj Kundu CBX Bookmark & Favorite cbxwpbookmark allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CBX Bookmark & Favorite: from n/a through = 2.0.1...

CVE-2025-66101

Missing Authorization vulnerability in Sabuj Kundu CBX Bookmark & Favorite cbxwpbookmark allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CBX Bookmark & Favorite: from n/a through = 2.0.1...

CVE-2025-66101

CVE-2025-66101 is a Missing/ Broken Access Control vulnerability in WordPress plugin CBX Bookmark & Favorite (cbxwpbookmark) versions up to and including 2.0.1. Affected component is access control configuration, enabling unauthorized access to bookmark/favorite data. CVSS v3.1 base score 4.3 (Me...

EUVD-2025-198449

Missing Authorization vulnerability in Sabuj Kundu CBX Bookmark & Favorite cbxwpbookmark allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CBX Bookmark & Favorite: from n/a through = 2.0.1...

CVE-2025-66101 WordPress CBX Bookmark & Favorite plugin <= 2.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sabuj Kundu CBX Bookmark & Favorite cbxwpbookmark allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CBX Bookmark & Favorite: from n/a through = 2.0.1...

WordPress CBX Bookmark & Favorite plugin <= 2.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin CBX Bookmark & Favorite versions = 2.0.1...

EUVD-2023-56227

Malicious code in bioql PyPI...

EUVD-2024-30379

Malicious code in bioql PyPI...

EUVD-2024-29953

Malicious code in bioql PyPI...

CVE-2024-32577

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20...

CVE-2023-51514

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.13...

CVE-2024-32132

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Codeboxr Team CBX Bookmark & Favorite.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20...

CVE-2024-32577

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20...