9 matches found
CVE-2026-4348
The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...
WordPress BetterDocs Pro plugin <= 3.7.0 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by h0xilo in WordPress Plugin BetterDocs Pro versions = 3.7.0...
CVE-2026-4348
The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...
CVE-2026-4348 BetterDocs Pro <= 3.7.0 - Unauthenticated SQL Injection via Encyclopedia 'limit' Parameter
The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...
CVE-2026-4348
The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...
CVE-2026-4348
CVE-2026-4348 affects the BetterDocs Pro WordPress plugin (≤ 3.7.0). The vulnerability is an unauthenticated SQL injection in the get_current_letter_docs and docs_sort_by_letter AJAX actions, where the limit POST parameter is interpolated directly into a SQL query before $wpdb->prepare(), enab...
CVE-2026-4348 BetterDocs Pro <= 3.7.0 - Unauthenticated SQL Injection via Encyclopedia 'limit' Parameter
The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...
WordPress plugin BetterDocs Pro SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-38341
The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the get current letter docs and docs sort by letter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed ...