3 matches found
PT-2026-52191
Name of the Vulnerable Software and Affected Versions Dokan Pro versions prior to 5.0.5 Description The Dokan Pro plugin for WordPress contains a time-based SQL Injection flaw. This issue occurs because user-supplied parameters are not sufficiently escaped and the SQL query is not properly...
CVE-2026-9757
The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...
PT-2026-45090
Name of the Vulnerable Software and Affected Versions GEO my WP versions prior to 4.5.6 Description The plugin is subject to SQL Injection, allowing unauthenticated attackers to append additional SQL queries to extract sensitive information from the database. The issue occurs because the swlatlng...