Lucene search
K

155 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-31037

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00508EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6681

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00413EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-21259

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-15161

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00438EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-50552

Malicious code in bioql PyPI...

5.3CVSS9.1AI score0.00394EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-16941

Malicious code in bioql PyPI...

7.2CVSS6.4AI score0.00781EPSS
Exploits0References3
CVE
CVE
added 2025/07/30 8:23 a.m.36 views

CVE-2025-6348

CVE-2025-6348 affects WordPress Smart Slider 3 plugin. All versions up to and including 3.5.1.28 are vulnerable to a time-based SQL Injection via the sliderid parameter, caused by insufficient escaping of user input and inadequate preparation of the existing SQL query. This allows authenticated a...

4.9CVSS7.4AI score0.00367EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/24 7:22 a.m.7 views

CVE-2025-8009 Security Ninja – Secure Firewall & Secure Malware Scanner - 5.201 - 5.242 - Authenticated (Administrator+) Arbitrary File Read

The Security Ninja – WordPress Security Plugin & Firewall plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.242 via the 'getfilesource' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to extra...

4.9CVSS0.0061EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/24 12:0 a.m.7 views

PT-2025-30640 · WordPress · The Security Ninja – Wordpress Security Plugin & Firewall

Name of the Vulnerable Software and Affected Versions: The Security Ninja – WordPress Security Plugin & Firewall versions prior to 5.243 Description: The Security Ninja – WordPress Security Plugin & Firewall plugin for WordPress is susceptible to an arbitrary file read issue. This allows...

4.9CVSS6.3AI score0.0061EPSS
Exploits0References2
CVE
CVE
added 2025/07/21 11:1 a.m.13 views

CVE-2025-41458

CVE-2025-41458 concerns unencrypted storage in the iOS app Two App Studio Journey v5.5.9, allowing local attackers with direct filesystem access to extract sensitive data. The NVD entry lists a CVSS v3.1 base score 5.5 (MEDIUM) , with LOCAL attack vector, LOW attack complexity, and HIGH confident...

5.5CVSS6AI score0.00089EPSS
Exploits0References1
CVE
CVE
added 2025/07/18 5:23 a.m.24 views

CVE-2025-6717

CVE-2025-6717 affects the B1.lt for WooCommerce plugin (WordPress). The vulnerability is an authenticated SQL Injection via the id parameter in versions up to and including 2.2.56, caused by insufficient escaping of user input and lack of proper SQL query preparation. Exploitation requires Subscr...

6.5CVSS6.9AI score0.00281EPSS
Exploits0References3
CVE
CVE
added 2025/07/11 7:22 a.m.31 views

CVE-2025-4593

The CVE describes a vulnerability in the WordPress plugin WP Register Profile With Shortcode (versions ≤ 3.6.2) that allows authenticated attackers with Contributor-level access or higher to expose sensitive user meta data via the rp_user_data shortcode. Impact noted includes exposure of hashed p...

6.5CVSS6.1AI score0.00273EPSS
Exploits0References2
CVE
CVE
added 2025/07/09 10:22 p.m.71 views

CVE-2025-6970

Summary: CVE-2025-6970 affects the WordPress plugin “Events Manager” (<= 7.0.3). The vulnerability is a time-based SQL Injection via the orderby parameter caused by insufficient escaping and inadequate query preparation. This allows unauthenticated attackers to append arbitrary SQL to existing...

7.5CVSS7.2AI score0.55683EPSS
Exploits2References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/06 2:18 a.m.20 views

CVE-2025-6782

The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the dirGZActiveForm function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

7.5CVSS7.1AI score0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/04 1:44 a.m.4 views

CVE-2025-6782 GoZen Forms <= 1.1.5 - Unauthenticated SQL Injection via dirGZActiveForm()

The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the dirGZActiveForm function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

7.5CVSS7AI score0.00347EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/04 1:44 a.m.9 views

CVE-2025-6783 GoZen Forms <= 1.1.5 - Unauthenticated SQL Injection via emdedSc()

The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the emdedSc function in all versions up to, and including, 1.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

7.5CVSS0.00361EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/02 3:47 a.m.5 views

CVE-2025-6437 Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager <= 4.89 - Unauthenticated SQL Injection via oid

The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘oid’ parameter in all versions up to, and including, 4.89 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...

7.5CVSS7.8AI score0.00327EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.5 views

PT-2025-27587 · WordPress · The Ads Pro Plugin

Name of the Vulnerable Software and Affected Versions: The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin versions up to, and including, 4.89 Description: The issue allows for SQL Injection via the id variable of the getSpace function due to insufficient escaping on the...

7.5CVSS6.9AI score0.00327EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/06/16 7:18 a.m.7 views

CVE-2025-5487

The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the fieldconditions parameter in all versions up to, and including, 5.2.3 due to insufficient escaping on the user supplied...

7.2CVSS7.5AI score0.00334EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.6 views

PT-2025-24041 · WordPress · Wp-Addpub

Name of the Vulnerable Software and Affected Versions: WP-Addpub plugin for WordPress versions 1.2.8 and earlier Description: The issue allows authenticated attackers with Contributor-level access or higher to inject SQL queries via the 'wp-addpub' shortcode. This is due to insufficient escaping ...

6.5CVSS6.4AI score0.00295EPSS
Exploits0References7
Rows per page
Query Builder