CVE-2026-32513

Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through = 6.1.7...

CVE-2026-32513

Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through = 6.1.7...

EUVD-2026-10098

The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.1.7 via the 'included' shortcode attribute. This is due to the deserialization of untrusted input supplied via the 'included' parameter of the plugin's shortcode. This makes it...

CVE-2026-2020 JS Archive List <= 6.1.7 - Authenticated (Contributor+) PHP Object Injection via 'included' Shortcode Attribute

The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.1.7 via the 'included' shortcode attribute. This is due to the deserialization of untrusted input supplied via the 'included' parameter of the plugin's shortcode. This makes it...

WordPress plugin JS Archive List 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

WordPress JS Archive List plugin <= 6.1.5 - Unauthenticated SQL Injection via build_sql_where Function vulnerability

Unauthenticated SQL Injection via buildsqlwhere Function vulnerability discovered by mikemyers in WordPress Plugin JS Archive List versions = 6.1.5...

EUVD-2025-28565

Malicious code in bioql PyPI...

CVE-2025-54726

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows SQL Injection.This issue affects JS Archive List: from n/a through 6.1.6...

CVE-2025-54726 WordPress JS Archive List Plugin < 6.1.6 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows SQL Injection.This issue affects JS Archive List: from n/a through 6.1.6...

CVE-2025-54726 WordPress JS Archive List Plugin < 6.1.6 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Miguel Useche JS Archive List allows SQL Injection. This issue affects JS Archive List: from n/a through n/a...

CVE-2025-54726

CVE-2025-54726 affects the WordPress plugin jquery-archive-list-widget (JS Archive List). Nuclei template and Patchstack/NVD entries indicate an SQL Injection in JS Archive List &lt;= 6.1.5 (up to

PT-2025-34022

Name of the Vulnerable Software and Affected Versions: JS Archive List affected versions not specified Description: The software contains an Improper Neutralization of Special Elements used in an SQL Command vulnerability, which allows for SQL Injection. Recommendations: At the moment, there is n...

CVE-2025-7670

CVE-2025-7670 – JS Archive List (WordPress) is a time-based SQL injection in the build_sql_where() path of all versions up to 6.1.5, due to insufficient escaping and query prep. This allows unauthenticated attackers to append SQL to existing queries and potentially leak sensitive data. Mitigation...

CVE-2025-7670 JS Archive List <= 6.1.5 - Unauthenticated SQL Injection via build_sql_where Function

The JS Archive List plugin for WordPress is vulnerable to time-based SQL Injection via the buildsqlwhere function in all versions up to, and including, 6.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

PT-2025-33712 · WordPress · Js Archive List

Name of the Vulnerable Software and Affected Versions: JS Archive List plugin for WordPress versions up to and including 6.1.5 Description: The JS Archive List plugin for WordPress is susceptible to time-based SQL Injection through the build sql where function. This is due to insufficient escapin...