CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7 matches found

RedhatCVE•added 2025/10/19 6:43 a.m.•2 views

CVE-2025-10187

The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

4.9CVSS6.6AI score0.00027EPSS

Exploits0References1

EUVD•added 2025/10/18 9:30 a.m.•2 views

EUVD-2025-34980

The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

4.9CVSS6.1AI score0.00027EPSS

Exploits0References4

NVD•added 2025/10/18 7:15 a.m.•4 views

CVE-2025-10187

The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

4.9CVSS0.00027EPSS

Exploits0References3

Cvelist•added 2025/10/18 6:42 a.m.•7 views

CVE-2025-10187 GSpeech TTS – WordPress Text To Speech Plugin <= 3.17.13 - Authenticated (Admin+) SQL injection

The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

4.9CVSS0.00027EPSS

Exploits0References3

Vulnrichment•added 2025/10/18 6:42 a.m.•2 views

CVE-2025-10187 GSpeech TTS – WordPress Text To Speech Plugin <= 3.17.13 - Authenticated (Admin+) SQL injection

The GSpeech TTS – WordPress Text To Speech Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' parameter in all versions up to, and including, 3.17.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

4.9CVSS6.1AI score0.00027EPSS

Exploits0References3

CVE•added 2025/10/18 6:42 a.m.•9 views

CVE-2025-10187

CVE-2025-10187 concerns the GSpeech TTS – WordPress Text To Speech Plugin. Wordfence reports an SQL injection via the field parameter in all versions up to 3.17.13, enabling authenticated users with Administrator-level access (and above) to inject additional SQL into existing queries to extract d...

4.9CVSS6.2AI score0.00027EPSS

Exploits0References3

Patchstack•added 2025/10/18 1:7 a.m.•10 views

WordPress GSpeech TTS – WordPress Text To Speech Plugin plugin <= 3.17.13 - Authenticated (Admin+) SQL injection vulnerability

Authenticated Admin+ SQL injection vulnerability discovered by Moose Love in WordPress Plugin GSpeech TTS versions = 3.17.3...

4.9CVSS8.1AI score0.00027EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by