CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

NVD•added 2026/05/23 7:16 p.m.•9 views

CVE-2018-25347

WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generetecsvfmc AJAX actions. Attackers can inject malicious SQL code via the 'name' and 'searchlabels' parameter...

7.1CVSS0.00027EPSS

Exploits0References3

CVE•added 2026/05/23 6:30 p.m.•30 views

CVE-2018-25346

WordPress Form Maker Plugin ≤ 1.12.24 contains SQL injection via admin-ajax.php (FormMakerSQLMapping, generete_csv). Authenticated attackers can send POST payloads in name/search_labels to manipulate queries, potentially extracting/modifying data or escalating privileges in the WordPress database...

7.1CVSS5.9AI score0.00029EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by