75 matches found
CVE-2026-49046
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
CVE-2026-49046
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
EUVD-2026-32539
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Arjun Thakur Duplicate Page and Post allows Blind SQL Injection. This issue affects Duplicate Page and Post: from n/a through 2.9.5...
WordPress plugin Duplicate Page and Post SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2019-25539
202CMS v10 beta contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the loguser parameter. Attackers can send POST requests to index.php with crafted SQL payloads using time-based blind injection technique...
PT-2026-24996
Netartmedia PHP Real Estate Agency 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the features parameter. Attackers can send POST requests to index.php with crafted SQL payloads in the features...
WordPress plugin Page and Post Clone SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin atec Duplicate Page & Post has an unspecified vulnerability
WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in WordPress plugin atec Duplicate Page & Post 1.2.20 and earli...
CVE-2025-13404
The atec Duplicate Page & Post plugin for WordPress is vulnerable to unauthorized post duplication due to missing authorization validation on the duplicatepost function in all versions up to, and including, 1.2.20. This makes it possible for authenticated attackers, with Contributor-level access...
CVE-2025-12527 Page & Post Notes <= 1.3.4 - Missing Authorization to Authenticated (Subscriber+) Note Update/Deletion
The Page & Post Notes plugin for WordPress is vulnerable to unauthorized modification of notes due to a missing capability check on the 'yydevnotessavedashboarddata' function in all versions up to, and including, 1.3.4. This makes it possible for authenticated attackers, with Subscriber-level...
EUVD-2014-2630
Malware in sbrugna...
EUVD-2025-31381
Malicious code in bioql PyPI...
EUVD-2024-31352
Malicious code in bioql PyPI...
CVE-2025-6189
The Duplicate Page and Post plugin for WordPress is vulnerable to time-based SQL Injection via the ‘metakey’ parameter in all versions up to, and including, 2.9.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...
CVE-2025-6189 Duplicate Page and Post <= 2.9.5 - Authenticated (Contributor+) SQL Injection via meta_key Parameter
The Duplicate Page and Post plugin for WordPress is vulnerable to time-based SQL Injection via the ‘metakey’ parameter in all versions up to, and including, 2.9.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...
CVE-2025-6189
CVE-2025-6189 affects the WordPress plugin “Duplicate Page and Post” (versions up to 2.9.5). The issue is a time-based SQL Injection via the meta_key parameter caused by insufficient escaping and improper SQL query preparation. Exploitation requires authenticated access at Contributor level or hi...
CVE-2025-6189 Duplicate Page and Post <= 2.9.5 - Authenticated (Contributor+) SQL Injection via meta_key Parameter
The Duplicate Page and Post plugin for WordPress is vulnerable to time-based SQL Injection via the ‘metakey’ parameter in all versions up to, and including, 2.9.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...
CVE-2025-58400
creationtimestamp| type| source ---|---|--- 2025-09-05 08:01:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly36ykarj72i...
MAL-2025-6978 Malicious code in 11ty-simple-page-post-creator (npm)
The package 11ty-simple-page-post-creator was found to contain malicious code...
Malicious code in 11ty-simple-page-post-creator (npm)
The package 11ty-simple-page-post-creator was found to contain malicious code...