CVE-2026-3057

A security flaw has been discovered in a54552239 pearProjectApi up to 2.8.10. Affected is the function dateTotalForProject of the file application/common/Model/Task.php of the component Backend Interface. The manipulation of the argument projectCode results in sql injection. The attack can be...

PT-2026-21654

Name of the Vulnerable Software and Affected Versions a54552239 pearProjectApi versions up to 2.8.10 Description A security flaw exists in a54552239 pearProjectApi. The dateTotalForProject function within the application/common/Model/Task.php file of the Backend Interface component is susceptible...

WordPress Checkbox plugin <= 2.8.10 - Missing Authorization to Unauthenticated Log Clearing vulnerability

Missing Authorization to Unauthenticated Log Clearing vulnerability discovered by Legion Hunter in WordPress Plugin Checkbox versions = 2.8.10...

EUVD-2025-198407

The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...

EUVD-2021-11831

Malware in sbrugna...

EUVD-2024-43368

Malicious code in bioql PyPI...

CVE-2025-57937 WordPress WPeMatico RSS Feed Fetcher Plugin <= 2.8.10 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in etruel WPeMatico RSS Feed Fetcher wpematico allows Retrieve Embedded Sensitive Data.This issue affects WPeMatico RSS Feed Fetcher: from n/a through = 2.8.10...

CVE-2025-57937 WordPress WPeMatico RSS Feed Fetcher Plugin <= 2.8.10 - Sensitive Data Exposure Vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in etruel WPeMatico RSS Feed Fetcher allows Retrieve Embedded Sensitive Data. This issue affects WPeMatico RSS Feed Fetcher: from n/a through 2.8.10...

CVE-2025-57937

CVE-2025-57937 describes a missing access control in the WPeMatico RSS Feed Fetcher (WPematico) plugin. The vulnerability exposes sensitive system information to an unauthorized actor, allowing retrieval of embedded sensitive data. Affected component: WPeMatico RSS Feed Fetcher; affected versions...

WordPress plugin WPeMatico RSS Feed Fetcher 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-47569

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through = 2.9.6...

CVE-2025-47569 WordPress WooCommerce Ultimate Gift Card plugin <= 2.9.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Blind SQL Injection.This issue affects WooCommerce Ultimate Gift Card: from n/a through = 2.9.6...

CVE-2025-47569 WordPress WooCommerce Ultimate Gift Card plugin <= 2.8.10 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates. This issue affects WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards...

PT-2025-36761

Name of the Vulnerable Software and Affected Versions: WPSwings WooCommerce Ultimate Gift Card - Create, Sell and Manage Gift Cards with Customized Email Templates versions through 2.8.10 Description: The software contains an SQL injection flaw that allows attackers to manipulate commands. This...

CVE-2024-49305

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPFactory Email Verification for WooCommerce emails-verification-for-woocommerce allows SQL Injection.This issue affects Email Verification for WooCommerce: from n/a through = 2.8.10...

PT-2025-1384 · Unknown · Pearprojectapi

Name of the Vulnerable Software and Affected Versions: pearProjectApi version 2.8.10 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the projectCode parameter at the "project.php" endpoint. Recommendations: For pearProjectApi version...

PearProject SQL注入漏洞

PearProject is a project management system backend interface for vilson individual developers. A security vulnerability exists in PearProject version v2.8.10, which originates from an SQL injection vulnerability contained via the projectCode parameter on project.php...

CVE-2023-27113

CVE-2023-27113 affects pearProjectApi v2.8.10, with a SQL injection vulnerability in project.php reachable via the organizationCode parameter. The issue’s root cause is a SQL injection in that parameter, exposing potential impacts to confidentiality, integrity, and availability as reflected by CV...

WordPress Customer Email Verification for WooCommerce plugin <= 2.8.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by shaman0x01 Patchstack Alliance in WordPress Plugin Email Verification for WooCommerce versions = 2.8.10...

WordPress Plugin System Dashboard Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...