Lucene search
+L

10 matches found

cvelist
cvelist
added 3 days ago29 views

CVE-2026-57771 WordPress GD Rating System plugin <= 3.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through = 3.7...

8.5CVSS0.00253EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/16 8:57 p.m.24 views

CVE-2025-69151 WordPress Grand Car Rental theme <= 3.7 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Grand Car Rental = 3.7 versions...

7.1CVSS0.0018EPSS
Exploits0References1
patchstack
patchstack
added 2026/03/03 11:3 a.m.7 views

WordPress Car Zone theme <= 3.7 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Car Zone versions = 3.7...

8.8CVSS5.9AI score0.00381EPSS
Exploits0Affected Software1
patchstack
patchstack
added 2025/12/31 12:0 a.m.9 views

WordPress WordPress Auction plugin <= 3.7 - Editor+ SQL Injection vulnerability

Editor+ SQL Injection vulnerability discovered by Thanh Kieu in WordPress Plugin WordPress Auction Plugin versions = 3.7...

9.8CVSS6AI score0.00617EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2025/10/22 2:32 p.m.8 views

CVE-2025-49911 WordPress WooCommerce Vehicle Parts Finder plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpinstinct WooCommerce Vehicle Parts Finder woo-vehicle-parts-finder allows Reflected XSS.This issue affects WooCommerce Vehicle Parts Finder: from n/a through = 3.7...

7.1CVSS0.00208EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/01/07 6:0 a.m.9 views

CVE-2024-8855 WordPress Auction <= 3.7 - Editor+ SQL Injection

The WordPress Auction Plugin WordPress plugin through 3.7 does not sanitize and escape a parameter before using it in a SQL statement, allowing editors and above to perform SQL injection attacks...

9.7AI score0.00617EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2024/12/06 1:7 p.m.22 views

CVE-2024-51615 WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through = 3.7...

9.3CVSS7.3AI score0.00449EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/12/06 12:0 a.m.8 views

PT-2024-34758 · WordPress · Wordpress Auction Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Auction Plugin versions n/a through 3.7 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.3CVSS8.2AI score0.00449EPSS
Exploits0References5
patchstack
patchstack
added 2024/11/07 10:39 p.m.6 views

WordPress Easy SVG Support plugin <= 3.7 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Easy SVG Support versions = 3.7...

6.4CVSS5.7AI score0.00288EPSS
Exploits0References1Affected Software1
osv
osv
added 2024/06/12 10:15 a.m.4 views

CVE-2023-25030

Missing Authorization vulnerability in Buy Me a Coffee.This issue affects Buy Me a Coffee: from n/a through 3.7...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References1
Rows per page
Query Builder