Lucene search
K

31 matches found

Cvelist
Cvelist
added 2025/02/21 11:9 a.m.29 views

CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

4.9CVSS0.00367EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/21 11:9 a.m.11 views

CVE-2024-13846 Indeed Ultimate Learning Pro <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter

The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘postid’ parameter in all versions up to, and including, 3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes...

4.9CVSS5.2AI score0.00367EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/02/20 11:42 p.m.23 views

WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - Authenticated (Administrator+) SQL Injection via post_id Parameter vulnerability

Authenticated Administrator+ SQL Injection via postid Parameter vulnerability discovered by Pham Van Tam in WordPress Plugin Indeed Ultimate Learning Pro versions = 3.9...

4.9CVSS8.1AI score0.00367EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/06 2:26 a.m.8 views

CVE-2025-22350

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...

7.6CVSS8.9AI score0.00494EPSS
Exploits0References1
NVD
NVD
added 2025/01/07 5:15 p.m.28 views

CVE-2025-22350

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...

7.6CVSS0.00494EPSS
Exploits0References1
CVE
CVE
added 2025/01/07 4:48 p.m.63 views

CVE-2025-22350

CVE-2025-22350 is an SQL Injection in the WordPress plugin Ultimate Learning Pro (WpIndeed Ultimate Learning Pro) affecting versions up to 3.9. The vulnerability stems from improper neutralization of special elements in SQL commands, enabling potential access to confidential data and impacting av...

7.6CVSS8.9AI score0.00494EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/07 4:48 p.m.13 views

CVE-2025-22350 WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...

7.6CVSS7.9AI score0.00494EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/07 4:48 p.m.29 views

CVE-2025-22350 WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a through 3.9...

7.6CVSS0.00494EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/07 12:0 a.m.4 views

WordPress plugin Ultimate Learning Pro SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

7.6CVSS8.8AI score0.00494EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.4 views

PT-2025-4464 · Unknown · Wpindeed Ultimate Learning Pro

Name of the Vulnerable Software and Affected Versions: WpIndeed Ultimate Learning Pro versions prior to 3.9 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection, potentially...

7.6CVSS9.8AI score0.00494EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/01/03 2:40 p.m.5 views

WordPress Indeed Ultimate Learning Pro plugin <= 3.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Pham Van Tam Patchstack Alliance in WordPress Plugin Ultimate Learning Pro versions = 3.9...

7.6CVSS8.1AI score0.00494EPSS
Exploits0Affected Software1
Rows per page
Query Builder