WordPress SQL Chart Builder plugin < 2.3.8 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by dangnosuy in WordPress Plugin SQL Chart Builder versions 2.3.8...

EUVD-2026-19578

The SQL Chart Builder WordPress plugin before 2.3.8 does not properly escape user input as it is concatened to SQL queries, making it possible for attackers to conduct SQL Injection attacks against the dynamic filter functionality...

CVE-2026-4079

CVE-2026-4079 affects the WordPress plugin SQL Chart Builder prior to 2.3.8. The root cause is improper escaping of user input that is concatenated into SQL queries used by the dynamic filter functionality, enabling unauthenticated SQL Injection. The connected documents confirm the vulnerability ...

EUVD-2025-30593

Malicious code in bioql PyPI...

CVE-2025-58233

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Guaven Labs SQL Chart Builder sql-chart-builder allows DOM-Based XSS.This issue affects SQL Chart Builder: from n/a through = 2.3.7.2...

CVE-2025-58233

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Guaven Labs SQL Chart Builder sql-chart-builder allows DOM-Based XSS.This issue affects SQL Chart Builder: from n/a through = 2.3.7.2...

WordPress SQL Chart Builder Plugin <= 2.3.7.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin SQL Chart Builder versions = 2.3.7.2...

CVE-2025-58233

CVE-2025-58233 describes a DOM-based XSS vulnerability in Guaven Labs SQL Chart Builder. Affected: SQL Chart Builder versions up to 2.3.7.2 (no fixed version specified in the documents beyond that). The issue is an input handling problem during web page generation that can lead to Cross-Site Scri...

CVE-2025-58233 WordPress SQL Chart Builder Plugin <= 2.3.7.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Guaven Labs SQL Chart Builder sql-chart-builder allows DOM-Based XSS.This issue affects SQL Chart Builder: from n/a through = 2.3.7.2...

CVE-2025-58233 WordPress SQL Chart Builder Plugin <= 2.3.7.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Guaven Labs SQL Chart Builder sql-chart-builder allows DOM-Based XSS.This issue affects SQL Chart Builder: from n/a through = 2.3.7.2...

PT-2025-38898

Name of the Vulnerable Software and Affected Versions Guaven Labs SQL Chart Builder versions through 2.3.7.2 Description A flaw exists in Guaven Labs SQL Chart Builder that allows for DOM-Based Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page...

WordPress plugin Guaven Labs SQL Chart Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...

CVE-2024-11430 SQL Chart Builder <= 2.3.6 - Authenticated (Contributor+) SQL Injection

The SQL Chart Builder plugin for WordPress is vulnerable to SQL Injection via the 'arg1' arg of the 'gvnschart2' shortcode in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This mak...

CVE-2024-11430 SQL Chart Builder <= 2.3.6 - Authenticated (Contributor+) SQL Injection

The SQL Chart Builder plugin for WordPress is vulnerable to SQL Injection via the 'arg1' arg of the 'gvnschart2' shortcode in all versions up to, and including, 2.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This mak...

WordPress SQL Chart Builder plugin <= 2.3.7.1 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin SQL Chart Builder versions = 2.3.7.1...

WordPress plugin SQL Chart Builder SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...