Lucene search
K

457766 matches found

NVD
NVD
added 2026/06/16 10:16 a.m.10 views

CVE-2026-49772

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS0.00229EPSS
Exploits1References1
NVD
NVD
added 2026/06/16 10:16 a.m.11 views

CVE-2026-49774

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS0.0028EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:4 a.m.12 views

EUVD-2026-37057

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS5.7AI score0.00229EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/16 9:4 a.m.37 views

CVE-2026-49772 WordPress The Events Calendar plugin 6.15.12-6.16.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Liquid Web / StellarWP The Events Calendar allows Blind SQL Injection. This issue affects The Events Calendar: from 6.15.12 through 6.16.2...

9.3CVSS0.00229EPSS
Exploits1References1
CVE
CVE
added 2026/06/16 9:4 a.m.31 views

CVE-2026-49772

CVE-2026-49772 affects WordPress plugin The Events Calendar (Liquid Web / StellarWP) versions 6.15.12–6.16.2. The issue is an SQL Injection due to improper neutralization of special elements, enabling blind SQL injection. CVSS 3.1 base score 9.3 (CRITICAL) with AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L...

9.3CVSS5.6AI score0.00229EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/16 9:2 a.m.8 views

EUVD-2026-37056

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS5.4AI score0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:2 a.m.31 views

CVE-2026-49774 WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0...

9.9CVSS0.0028EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:2 a.m.20 views

CVE-2026-49774

CVE-2026-49774 describes an "Improper Control of Generation of Code (Code Injection)" vulnerability in the WordPress RD Station plugin

9.9CVSS5.4AI score0.0028EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.6 views

EUVD-2026-37051

Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...

9.3CVSS5.8AI score0.0025EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.18 views

CVE-2026-52715

GEO my WordPress plugin (WordPress)

9.3CVSS5.7AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.31 views

CVE-2026-52715 WordPress GEO my WordPress plugin <= 4.5.5 - SQL Injection vulnerability

Unauthenticated SQL Injection in GEO my WordPress = 4.5.5 versions...

9.3CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.23 views

CVE-2026-52712 WordPress Attendance Manager plugin <= 0.6.2 - SQL Injection vulnerability

Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...

7.6CVSS0.00235EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.7 views

EUVD-2026-37049

Subscriber SQL Injection in Attendance Manager = 0.6.2 versions...

7.6CVSS5.8AI score0.00235EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.11 views

CVE-2026-52712

CVE-2026-52712 affects the WordPress Attendance Manager plugin version &lt;= 0.6.2 and is described as a Subscriber SQL Injection vulnerability. The initial documents cite a CVSSv3.1 base score of 7.6 (High) with network attack vector, low attack complexity, and high confidentiality impact, but d...

7.6CVSS5.7AI score0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.26 views

CVE-2026-39581 WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.1.4 - SQL Injection vulnerability

Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...

8.5CVSS0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.6 views

EUVD-2026-37047

Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic = 1.1.4 versions...

8.5CVSS5.8AI score0.0027EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.8 views

CVE-2026-39581

CVE-2026-39581 documents a SQL Injection in the WordPress plugin WP Sessions Time Monitoring Full Automatic for versions

8.5CVSS5.7AI score0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/16 9:0 a.m.7 views

EUVD-2026-37046

Unauthenticated SQL Injection in InPost Gallery = 2.1.4.6 versions...

9.3CVSS5.8AI score0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/16 9:0 a.m.28 views

CVE-2026-39574 WordPress InPost Gallery plugin <= 2.1.4.6 - SQL Injection vulnerability

Unauthenticated SQL Injection in InPost Gallery = 2.1.4.6 versions...

9.3CVSS0.00234EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 9:0 a.m.17 views

CVE-2026-39574

CVE-2026-39574 : Unauthenticated SQL injection in the WordPress InPost Gallery plugin, affected versions ≤ 2.1.4.6. Root cause and exact exploit details are not provided in the documents; CVSS v3.1 base score 9.3 (CRITICAL, NETWORK, no privileges required, user interaction: none). No remediation ...

9.3CVSS5.7AI score0.00234EPSS
Exploits0References1
Rows per page
Query Builder