WordPress TableOn plugin <= 1.0.5.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hhhai in WordPress Plugin TableOn versions = 1.0.5.1...

EUVD-2026-32203

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...

PT-2026-43663

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through = 1.0.5.1...

CVE-2025-14156

The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the /fox-lms/v1/payments/create-order REST API endpoint...

EUVD-2025-203362

The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the /fox-lms/v1/payments/create-order REST API endpoint...

CVE-2025-14156

The Fox LMS – WordPress LMS Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.5.1. This is due to the plugin not properly validating the 'role' parameter when creating new users via the /fox-lms/v1/payments/create-order REST API endpoint...

CVE-2025-4216 DIOT SCADA with MQTT <= 1.0.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The DIOT SCADA with MQTT plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'diot' shortcode in all versions up to, and including, 1.0.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

Adobe Framemaker DLL Hijacking Vulnerability

Adobe FrameMaker is a page layout software provided by the American company Audobee Adobe. A DLL hijacking vulnerability exists in Adobe Framemaker 1.0.5.1 and earlier versions. An attacker can exploit this vulnerability to elevate privileges...

CVE-2017-2267

Untrusted search path vulnerability in FileCapsule Deluxe Portable Ver.1.0.5.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

DSA-727-1 libconvert-uulib-perl - buffer overflow

Bulletin has no description...