CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2026/01/07 9:11 a.m.•15 views

CVE-2025-1648

The Yawave plugin for WordPress is vulnerable to SQL Injection via the 'lbid' parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated...

7.5CVSS7.5AI score0.00849EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-5072

Malicious code in bioql PyPI...

7.5CVSS8.7AI score0.00849EPSS

Exploits1References3

OSV•added 2025/02/25 7:15 a.m.•0 views

CVE-2025-1648

7.5CVSS7.3AI score

Exploits0References3

NVD•added 2025/02/25 7:15 a.m.•9 views

CVE-2025-1648

7.5CVSS0.00849EPSS

Exploits1References3

Cvelist•added 2025/02/25 6:58 a.m.•10 views

CVE-2025-1648 Yawave <= 2.9.1 - Unauthenticated SQL Injection

7.5CVSS0.00849EPSS

Exploits1References3

Vulnrichment•added 2025/02/25 6:58 a.m.•9 views

CVE-2025-1648 Yawave <= 2.9.1 - Unauthenticated SQL Injection

7.5CVSS7.7AI score0.00849EPSS

Exploits1References3

CVE•added 2025/02/25 6:58 a.m.•74 views

CVE-2025-1648

CVE-2025-1648 : The Yawave WordPress plugin is vulnerable to an unauthenticated SQL Injection via the ‘lbid’ parameter in all versions up to and including 2.9.1. The issue stems from insufficient escaping and lack of proper parameterization in the existing SQL query, allowing an attacker to appen...

7.5CVSS7.6AI score0.00849EPSS

Exploits1References3Affected Software1

CNNVD•added 2025/02/25 12:0 a.m.•2 views

WordPress plugin Yawave SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

7.5CVSS8.8AI score0.00849EPSS

Exploits1References4