CVE-2026-15072
The CVE-2026-15072 entry concerns the KiviCare – Clinic & Patient Management System (EHR) WordPress plugin, affected up to version 4.5.0. It describes a SQL Injection in the KCQueryBuilder via the 'orderby' parameter due to insufficient escaping and inadequate query preparation. Exploitation requ...