Lucene search
K

4216 matches found

Vulnrichment
Vulnrichment
added 2026/05/05 6:47 a.m.11 views

CVE-2026-40797 WordPress WebinarIgnition plugin <= 4.08.253 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue affects WebinarIgnition: from n/a through 4.08.253...

9.3CVSS5.8AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/05 6:47 a.m.56 views

CVE-2026-40797 WordPress WebinarIgnition plugin <= 4.08.253 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue affects WebinarIgnition: from n/a through 4.08.253...

9.3CVSS0.00339EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.11 views

PT-2026-36980

Name of the Vulnerable Software and Affected Versions WebinarIgnition versions prior to 4.08.253 Description WebinarIgnition contains an issue where improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a technique where an...

9.3CVSS5.9AI score0.00339EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.7 views

CVE-2026-7649

The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.0.60 due to insufficient escaping on the user supplied paramete...

7.5CVSS5.9AI score0.00335EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/02 6:44 a.m.5 views

EUVD-2026-26762

The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.0.60 due to insufficient escaping on the user supplied paramete...

7.5CVSS5.9AI score0.00335EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/29 2:48 p.m.6 views

CVE-2026-40745

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

7.6CVSS5.6AI score0.00236EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/29 10:40 a.m.37 views

CVE-2026-42646 WordPress TaxoPress plugin <= 3.44.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Burge TaxoPress simple-tags allows Blind SQL Injection.This issue affects TaxoPress: from n/a through = 3.44.0...

7.6CVSS0.00231EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/29 10:40 a.m.4 views

CVE-2026-42646

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Burge TaxoPress simple-tags allows Blind SQL Injection.This issue affects TaxoPress: from n/a through = 3.44.0...

7.6CVSS5.5AI score0.00231EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/26 2:17 a.m.140 views

ethical-hacking-ctf

🔐 Ethical Hacking CTF Writeup Coventry University — 7072SC...

10CVSS7.2AI score0.97485EPSS
Exploits14
RedhatCVE
RedhatCVE
added 2026/04/22 1:22 a.m.10 views

CVE-2026-39486

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...

8.5CVSS5.8AI score0.00256EPSS
Exploits0References1
NVD
NVD
added 2026/04/15 11:16 a.m.5 views

CVE-2026-40744

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through = 2.10.1.2...

8.5CVSS0.0022EPSS
Exploits0References1
NVD
NVD
added 2026/04/15 11:16 a.m.6 views

CVE-2026-40745

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

7.6CVSS0.00236EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 10:21 a.m.5 views

CVE-2026-40745 WordPress Element Pack Elementor Addons plugin <= 8.4.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through = 8.4.2...

7.6CVSS5.9AI score0.00236EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.6 views

PT-2026-33046

Name of the Vulnerable Software and Affected Versions Beaver Builder versions prior to 2.10.1.3 Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data directl...

8.5CVSS5.9AI score0.0022EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/14 12:6 a.m.5 views

EUVD-2026-22077

Craft Commerce hasVariant/hasProduct Blind SQL Injection...

8.7CVSS5.9AI score0.00304EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/13 8:25 p.m.2 views

CVE-2026-32272 Craft Commerce: Blind SQL Injection via hasVariant/hasProduct

Craft Commerce is an ecommerce platform for Craft CMS. In versions 5.0.0 through 5.5.4, an SQL injection vulnerability exists where the ProductQuery::hasVariant and VariantQuery::hasProduct properties bypass the input sanitization blocklist added to ElementIndexesController in a prior security fi...

8.7CVSS6AI score0.00304EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/13 7:24 p.m.5 views

CVE-2026-39466

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind SQL Injection.This issue affects Broken Link Checker: from n/a through = 2.4.7...

7.6CVSS5.9AI score0.00279EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/13 12:32 a.m.93 views

blind-sqli-lab

🔬 Blind SQL Injection Lab — Time-Based PostgreSQL + FastAPI...

6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/10 7:23 p.m.7 views

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...

7.6CVSS5.9AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.11 views

CVE-2026-39495

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in NSquared Simply Schedule Appointments simply-schedule-appointments allows Blind SQL Injection.This issue affects Simply Schedule Appointments: from n/a through = 1.6.9.27...

8.5CVSS5.9AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder