CVE-2026-42646 WordPress TaxoPress plugin <= 3.44.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Burge TaxoPress simple-tags allows Blind SQL Injection.This issue affects TaxoPress: from n/a through = 3.44.0...

CVE-2026-42646

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Burge TaxoPress simple-tags allows Blind SQL Injection.This issue affects TaxoPress: from n/a through = 3.44.0...

ethical-hacking-ctf

🔐 Ethical Hacking CTF Writeup Coventry University — 7072SC...

CVE-2026-39486

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...

CVE-2026-40745

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

CVE-2026-40744

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through = 2.10.1.2...

CVE-2026-40745 WordPress Element Pack Elementor Addons plugin <= 8.4.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

PT-2026-33046

Name of the Vulnerable Software and Affected Versions Beaver Builder versions prior to 2.10.1.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data directl...

EUVD-2026-22077

Craft Commerce hasVariant/hasProduct Blind SQL Injection...

PT-2026-32659

CVE-2025-65135 In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fr… https://t.co/otOrMUqUKm...

CVE-2025-65135

CVE-2025-65135 affects manikandan580 School-management-system 1.0. The issue is a time-based blind SQL injection in /studentms/admin/between-date-reprtsdetails.php exploitable via the fromdate POST parameter. According to the data, the vulnerability has CVSS v3.1: Critical (Base Score 9.8) with n...

CVE-2026-32272 Craft Commerce: Blind SQL Injection via hasVariant/hasProduct

Craft Commerce is an ecommerce platform for Craft CMS. In versions 5.0.0 through 5.5.4, an SQL injection vulnerability exists where the ProductQuery::hasVariant and VariantQuery::hasProduct properties bypass the input sanitization blocklist added to ElementIndexesController in a prior security fi...

CVE-2026-39466

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind SQL Injection.This issue affects Broken Link Checker: from n/a through = 2.4.7...

blind-sqli-lab

🔬 Blind SQL Injection Lab — Time-Based PostgreSQL + FastAPI...

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

CVE-2026-39487

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ameliabooking Amelia ameliabooking allows Blind SQL Injection.This issue affects Amelia: from n/a through = 2.1.1...

CVE-2026-39495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

EUVD-2026-20164

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

EUVD-2026-20160

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...