6 matches found
WordPress Tax Service Electronic HDM plugin <= 1.2.0 - Unauthenticated Arbitrary SQL Injection vulnerability
Unauthenticated Arbitrary SQL Injection vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin TAX SERVICE Electronic HDM versions = 1.2.0...
CVE-2025-12061
The CVE-2025-12061 entry concerns the TAX SERVICE Electronic HDM WordPress plugin prior to 1.2.1. Concretely, the vulnerability is a lack of authorization and CSRF checks in an AJAX action, enabling unauthenticated users to import and execute arbitrary SQL statements. This affects plugin versions...
WordPress plugin TAX SERVICE Electronic HDM 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A lack of authorization vulnerability exists in WordPress TAX SERVICE Electronic HDM, which stems from a lack of authorization and CSRF checks in AJAX operations. An attacker...
CVE-2024-54261
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...
CVE-2024-54261 WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...
CVE-2024-54261 WordPress TAX SERVICE Electronic HDM plugin <= 1.2.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through = 1.2.2...