31 matches found
CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter
The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...
CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter
The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...
WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter vulnerability
Authenticated Administrator+ SQL Injection via postid Parameter vulnerability discovered by Pham Van Tam in WordPress Plugin Indeed Ultimate Learning Pro versions = 3.9...
CVE-2025-22350
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...
CVE-2025-22350
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...
CVE-2025-22350
CVE-2025-22350 is an SQL Injection in the WordPress plugin Ultimate Learning Pro (WpIndeed Ultimate Learning Pro) affecting versions up to 3.9. The vulnerability stems from improper neutralization of special elements in SQL commands, enabling potential access to confidential data and impacting av...
CVE-2025-22350 WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...
CVE-2025-22350 WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...
WordPress plugin Ultimate Learning Pro SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
PT-2025-4464 · Unknown · Wpindeed Ultimate Learning Pro
Name of the Vulnerable Software and Affected Versions: WpIndeed Ultimate Learning Pro versions prior to 3.9 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, potentially...
WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Ultimate Learning Pro versions = 3.9...