CVE-2025-11501

The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the 'taxquery' parameter in all versions up to, and including, 1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

CVE-2025-11501

The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the 'taxquery' parameter in all versions up to, and including, 1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

EUVD-2025-34530

The Dynamically Display Posts plugin for WordPress is vulnerable to SQL Injection via the 'taxquery' parameter in all versions up to, and including, 1.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

WordPress plugin Dynamically Display Posts SQL注入漏洞

WordPress Dynamically Display Posts plugin is a WordPress plugin for creating a store locator page in your website that displays information about nearby stores via Google Maps. WordPress Dynamically Display Posts plugin suffers from a SQL injection vulnerability that stems from a lack of...

SQL Injection

johnpbloch/wordpress-core is vulnerable to sql injection. The vulnerability exists due to the lack of sanitization in the WPQuery in the cleanquery function of class-wp-tax-query.php, allowing an attacker to inject and execute malicious input through the plugins or themes...

PT-2020-12927 · WordPress · Media Library Assistant

Name of the Vulnerable Software and Affected Versions: media-library-assistant plugin versions prior to 2.82 for WordPress Description: The issue allows for Remote Code Execution via the tax query, meta query, or date query parameter in mla gallery through an admin interface. Recommendations: For...