Lucene search
K

4216 matches found

NVD
NVD
added 12 hours ago5 views

CVE-2026-59515

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sergey AIWU ai-copilot-content-generator allows Blind SQL Injection.This issue affects AIWU: from n/a through = 1.5.4...

9.3CVSS
Exploits0References1
NVD
NVD
added 12 hours ago4 views

CVE-2026-57787

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeWS CWS SVGicons cws-svgicons allows Blind SQL Injection.This issue affects CWS SVGicons: from n/a through = 1.5.5...

8.5CVSS
Exploits0References1
NVD
NVD
added 12 hours ago3 views

CVE-2026-57771

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through = 3.7...

8.5CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago6 views

CVE-2026-57773 WordPress Advanced Shipment Tracking for WooCommerce plugin <= 4.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through = 4.0...

7.6CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago5 views

CVE-2026-57787 WordPress CWS SVGicons plugin <= 1.5.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeWS CWS SVGicons cws-svgicons allows Blind SQL Injection.This issue affects CWS SVGicons: from n/a through = 1.5.5...

8.5CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago5 views

CVE-2026-57810 WordPress APIExperts Square for WooCommerce plugin <= 4.7.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through = 4.7.4...

8.5CVSS
Exploits0References1
CVE
CVE
added 14 hours ago7 views

CVE-2026-61955

CVE-2026-61955 concerns a SQL Injection in the WordPress plugin persian-gravity-forms (Gرویتی فرم فارسی) by Hannan, with vulnerability up to version

7.6CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 14 hours ago6 views

CVE-2026-59515 WordPress AIWU plugin <= 1.5.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sergey AIWU ai-copilot-content-generator allows Blind SQL Injection.This issue affects AIWU: from n/a through = 1.5.4...

9.3CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago6 views

CVE-2026-57771 WordPress GD Rating System plugin <= 3.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through = 3.7...

8.5CVSS
Exploits0References1
CVE
CVE
added 14 hours ago8 views

CVE-2026-57702

The WordPress Amelia plugin (Amelia ameliabooking)

9.3CVSS6.1AI score
Exploits0References1
CVE
CVE
added 14 hours ago8 views

CVE-2026-57726

CVE-2026-57726 affects the WordPress Kirki plugin (versions up to and including 6.0.12). The issue is an SQL Injection vulnerability due to improper neutralization of special elements in SQL commands, enabling blind SQL injection. The CVSS v3.1 vector indicates high impact with network access, no...

9.3CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added 14 hours ago4 views

CVE-2026-57726 WordPress Kirki plugin <= 6.0.12 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeum Kirki kirki allows Blind SQL Injection.This issue affects Kirki: from n/a through = 6.0.12...

9.3CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago5 views

CVE-2026-57702 WordPress Amelia plugin <= 2.4.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Melograno Venture Studio Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through = 2.4.2...

9.3CVSS
Exploits0References1
Cvelist
Cvelist
added 14 hours ago4 views

CVE-2026-57385 WordPress Vitepos plugin <= 3.4.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in appsbd Vitepos vitepos-lite allows Blind SQL Injection.This issue affects Vitepos: from n/a through = 3.4.2...

8.5CVSS
Exploits0References1
Nuclei
Nuclei
added 18 hours ago86 views

Doctor Appointment System 1.0 - SQL Injection

Blind SQL injection in contactus.php in Doctor Appointment System 1.0 allows an unauthenticated attacker to insert malicious SQL queries via firstname parameter. id: CVE-2021-27320 info: name: Doctor Appointment System 1.0 - SQL Injection author: theamanrawat severity: high description: | Blind S...

7.5CVSS7AI score0.09299EPSS
Exploits3References3
Nuclei
Nuclei
added 18 hours ago185 views

Jms Blog - SQL Injection

The module Jms Blog jmsblog from Joommasters contains a Time Based SQL injection vulnerability. This module is for the PrestaShop e-commerce platform and mainly provided with joommasters PrestaShop themes id: CVE-2023-27034 info: name: Jms Blog - SQL Injection author: MaStErChO severity: critical...

9.8CVSS7.1AI score0.58743EPSS
Exploits0References5
CVE
CVE
added 3 days ago8 views

CVE-2026-15290

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin for WordPress is vulnerable to blind SQL Injection via the search parameter in all versions up to 2.10.1 due to insufficient escaping and lack of proper SQL query preparation. This a...

7.5CVSS6AI score0.00393EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-15290

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to blind SQL Injection via the search parameter in all versions up to, and including, 2.10.1 due to insufficient escaping on the user supplied...

7.5CVSS6AI score0.00393EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 4 days ago9 views

PT-2026-56938

Missing Authorization vulnerability in vowelweb VW Food Corner vw-food-corner allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Food Corner: from n/a through = 1.1.0...

5.3CVSS6.1AI score
Exploits0References3
CVE
CVE
added 2026/07/01 3:11 p.m.56 views

CVE-2026-57517

Control Web Panel prior to version 0.9.8.1225 is affected by CVE-2026-57517, a blind SQL injection via the userRes POST parameter at the user endpoint. The vulnerability allows unauthenticated remote attackers to execute arbitrary SQL queries, potentially leveraging MySQL root privileges obtained...

9.8CVSS6.7AI score0.00587EPSS
Exploits2References4
Rows per page
Query Builder