Lucene search
+L

24 matches found

NVD
NVD
added 2026/06/25 2:16 p.m.7 views

CVE-2026-54838

Subscriber SQL Injection in WC Vendors Marketplace = 2.6.8 versions...

8.5CVSS0.0027EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:12 p.m.17 views

CVE-2026-54838

CVE-2026-54838 affects WordPress WC Vendors Marketplace plugin up to version 2.6.8. The description documents a subscriber SQL injection vulnerability (no explicit root cause details provided). CVSS 3.1 base score 8.5 (HIGH) with network attack vector, low attack complexity, privileges required: ...

8.5CVSS5.9AI score0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:12 p.m.32 views

CVE-2026-54838 WordPress WC Vendors Marketplace plugin <= 2.6.8 - SQL Injection vulnerability

Subscriber SQL Injection in WC Vendors Marketplace = 2.6.8 versions...

8.5CVSS0.0027EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39368

Subscriber SQL Injection in WC Vendors Marketplace = 2.6.8 versions...

8.5CVSS5.9AI score0.0027EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/18 9:44 a.m.9 views

WordPress WC Vendors Marketplace plugin <= 2.6.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin WC Vendors Marketplace versions = 2.6.8...

8.5CVSS6AI score0.0027EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-17284

Malicious code in bioql PyPI...

7.6CVSS7.6AI score0.00355EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-12173

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00685EPSS
Exploits2References1
NVD
NVD
added 2025/06/06 1:15 p.m.9 views

CVE-2025-49263

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WCVendors WC Vendors Marketplace wc-vendors allows Blind SQL Injection.This issue affects WC Vendors Marketplace: from n/a through = 2.5.6...

7.6CVSS0.00355EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/06 12:53 p.m.5 views

CVE-2025-49263 WordPress WC Vendors Marketplace <= 2.5.6 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WCVendors WC Vendors Marketplace allows Blind SQL Injection. This issue affects WC Vendors Marketplace: from n/a through 2.5.6...

7.6CVSS7.9AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2025/06/06 12:53 p.m.45 views

CVE-2025-49263

The CVE-2025-49263 entry concerns WC Vendors Marketplace (WC Vendors) for WordPress, with an SQL Injection vulnerability in WC Vendors Marketplace that affects versions up to 2.5.6. The vulnerability stems from improper neutralization of special elements in SQL commands, enabling Blind SQL Inject...

7.6CVSS5.9AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/06 12:53 p.m.17 views

CVE-2025-49263 WordPress WC Vendors Marketplace plugin <= 2.5.6 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WCVendors WC Vendors Marketplace wc-vendors allows Blind SQL Injection.This issue affects WC Vendors Marketplace: from n/a through = 2.5.6...

7.6CVSS0.00355EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.3 views

PT-2025-24212 · Unknown · Wc Vendors Marketplace

Name of the Vulnerable Software and Affected Versions: WC Vendors Marketplace versions 2.5.6 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically an Improper Neutralization of Special Elements used in an SQL Command. This allows for Blind SQL Injection,...

7.6CVSS7.6AI score0.00355EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.4 views

WordPress plugin WC Vendors Marketplace SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

7.6CVSS7.8AI score0.00355EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/12/19 8:50 p.m.5 views

CVE-2023-48327 WordPress WC Vendors Marketplace Plugin <= 2.4.7 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WC Vendors WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors.This issue affects WC Vendors – WooCommerce Multi-Vendor, WooCommerce Marketplace, Product Vendors: from n...

7.6CVSS7.9AI score0.00725EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.4 views

WordPress plugin WC Vendors Marketplace SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...

7.6CVSS8AI score0.00725EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/11/23 12:0 a.m.13 views

WordPress WC Vendors Marketplace Plugin <= 2.4.7 is vulnerable to SQL Injection

Software WC Vendors Marketplace Type Plugin Vulnerable versions = 2.4.7 Fixed in 2.4.7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-48327 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 9914d19a70b0 Credits LEE SE HYOUNG hackintoanetwork Required...

7.6CVSS7.2AI score0.00725EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/02/06 8:15 p.m.4 views

CVE-2023-0072

The WC Vendors Marketplace WordPress plugin before 2.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

5.4CVSS6.1AI score0.00685EPSS
Exploits2References1
NVD
NVD
added 2023/02/06 8:15 p.m.21 views

CVE-2023-0072

The WC Vendors Marketplace WordPress plugin before 2.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

5.4CVSS5.3AI score0.00685EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/02/06 7:59 p.m.5 views

CVE-2023-0072 WC Vendors Marketplace < 2.4.5 - Contributor+ Stored XSS

The WC Vendors Marketplace WordPress plugin before 2.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

6AI score0.00685EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/02/06 7:59 p.m.33 views

CVE-2023-0072 WC Vendors Marketplace < 2.4.5 - Contributor+ Stored XSS

The WC Vendors Marketplace WordPress plugin before 2.4.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attack...

5.5AI score0.00685EPSS
Exploits2References1
Rows per page
Query Builder