CVE-2025-32303

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mojoomla WPCHURCH allows Blind SQL Injection.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-31643

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-31642

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dasinfomedia WPCHURCH allows Reflected XSS.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-32304

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mojoomla WPCHURCH allows PHP Local File Inclusion.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-32303

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mojoomla WPCHURCH allows Blind SQL Injection.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-32303 WordPress WPCHURCH plugin <= 2.7.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mojoomla WPCHURCH allows Blind SQL Injection.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-32303 WordPress WPCHURCH plugin <= 2.7.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mojoomla WPCHURCH allows Blind SQL Injection.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-32303

CVE-2025-32303 concerns the WPCHURCH WordPress plugin. Connected sources confirm a SQL Injection vulnerability (blind) caused by improper neutralization of special elements in SQL commands, with Unauthenticated access. Affected software: WPCHURCH

CVE-2025-31643

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-31643 WordPress WPCHURCH plugin <= 2.7.0 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-31643 WordPress WPCHURCH plugin <= 2.7.0 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0...

CVE-2025-31643

CVE-2025-31643 affects Dasinfomedia WPCHURCH up to version 2.7.0. The issue is described as an Incorrect Privilege Assignment that enables Privilege Escalation (high severity CVSS 3.1: 8.8; network, low attack complexity, low privileges required, no user interaction). Public exploit details are n...

EUVD-2025-206257

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dasinfomedia WPCHURCH allows Reflected XSS.This issue affects WPCHURCH: from n/a through 2.7.0...

WordPress plugin WPCHURCH 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2026-1650

Name of the Vulnerable Software and Affected Versions WPCHURCH versions through 2.7.0 Description A flaw exists in WPCHURCH that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This allows attackers to execute malicious queries. The...

PT-2026-1642

Name of the Vulnerable Software and Affected Versions Dasinfomedia WPCHURCH versions through 2.7.0 Description An incorrect privilege assignment exists in Dasinfomedia WPCHURCH, allowing for privilege escalation. The issue allows an attacker to gain elevated privileges within the system...

WordPress plugin WPCHURCH 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

WordPress和WordPress plugin SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress...

CVE-2025-31642

CVE-2025-31642 – WPCHURCH Reflected XSS is confirmed in multiple sources for WordPress WPCHURCH up to version 2.7.0. The vulnerability arises from improper input neutralization during web page generation, enabling a reflected cross-site scripting attack. Affected software: Dasinfomedia WPCHURCH

CVE-2025-31642 WordPress WPCHURCH plugin <= 2.7.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dasinfomedia WPCHURCH allows Reflected XSS.This issue affects WPCHURCH: from n/a through 2.7.0...