Lucene search
K

2400 matches found

CNNVD
CNNVD
added 2025/08/20 12:0 a.m.4 views

WordPress plugin Custom API for WP SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

9.3CVSS7.3AI score0.0039EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/17 12:0 a.m.3 views

ThingsBoard 安全漏洞

ThingsBoard is a Java-based platform for IOT devices for monitoring, management, and data collection by the ThingsBoard team. A security vulnerability exists in ThingsBoard version 4.1, which stems from the Add Gateway Handler component improperly neutralizing special elements of the template...

5.3CVSS6.8AI score0.00269EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.5 views

CVE-2025-54669

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RomanCode MapSVG mapsvg allows SQL Injection.This issue affects MapSVG: from n/a through 8.7.4...

9.3CVSS5.9AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.4 views

CVE-2025-49059

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection.This issue affects CleverReach® WP: from n/a through = 1.5.20...

9.3CVSS5.9AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.6 views

CVE-2025-39510

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...

8.5CVSS5.9AI score0.00254EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/08/15 3:41 p.m.7 views

CVE-2025-49898

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xolluteon Dropshix allows DOM-Based XSS.This issue affects Dropshix: from n/a through 4.0.14...

7.6CVSS5.2AI score0.004EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.1 views

CVE-2025-49758

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS7.9AI score0.00865EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 6:21 p.m.5 views

CVE-2025-55708 WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Systems Quiz And Survey Master allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through 10.2.4...

8.5CVSS7.9AI score0.00251EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.3 views

CVE-2025-54669

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RomanCode MapSVG mapsvg allows SQL Injection.This issue affects MapSVG: from n/a through 8.7.4...

9.3CVSS0.00285EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.4 views

CVE-2025-52823

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ovatheme Cube Portfolio cubeportfolio allows SQL Injection.This issue affects Cube Portfolio: from n/a through = 1.16.8...

8.5CVSS0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.10 views

CVE-2025-30998 WordPress WP Links Page plugin <= 4.9.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Rico Macchi WP Links Page wp-links-page allows SQL Injection.This issue affects WP Links Page: from n/a through = 4.9.6...

8.5CVSS0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:34 a.m.10 views

CVE-2025-39510 WordPress Pinterest Automatic Pin plugin < 4.19.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ValvePress Pinterest Automatic Pin wp-pinterest-automatic allows SQL Injection.This issue affects Pinterest Automatic Pin: from n/a through 4.19.0...

8.5CVSS0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.1 views

CVE-2025-49059 WordPress CleverReach® WP Plugin <= 1.5.20 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CleverReach® CleverReach® WP allows SQL Injection. This issue affects CleverReach® WP: from n/a through 1.5.20...

9.3CVSS7.9AI score0.00281EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 10:33 a.m.11 views

CVE-2025-52823 WordPress Cube Portfolio Plugin <= 1.16.8 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ovatheme Cube Portfolio cubeportfolio allows SQL Injection.This issue affects Cube Portfolio: from n/a through = 1.16.8...

8.5CVSS0.00243EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.2 views

WordPress plugin Easy Form Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

9.3CVSS5.4AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 6:15 p.m.1 views

CVE-2025-49759

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.01029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 4:59 p.m.2 views

CVE-2025-24921

Improper neutralization for some Edge Orchestrator software before version 24.11.1 for IntelR TiberTM Edge Platform may allow an unauthenticated user to potentially enable information disclosure via adjacent access...

6.9CVSS6.9AI score0.0019EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/08/12 7:0 a.m.8 views

Microsoft SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS7.9AI score0.01355EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/08/12 7:0 a.m.3 views

Microsoft SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS7.9AI score0.01017EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/08/12 7:0 a.m.9 views

GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...

7.8CVSS7.8AI score0.02559EPSS
Exploits2
Rows per page
Query Builder