4679 matches found
CVE-2026-24956 WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection.This issue affects Download Manager Addons for Elementor: from n/a through = 1.3.0...
CVE-2026-24956 WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection.This issue affects Download Manager Addons for Elementor: from n/a through = 1.3.0...
CVE-2025-69337
CVE-2025-69337 corresponds to an SQL Injection vulnerability in the WordPress Wolmart Core plugin (wolmart-core) up to version 1.9.6. The issue is described as a Blind SQL Injection arising from improper neutralization of special elements in SQL commands. Wordfence’s vulnerability feed lists Wolm...
CVE-2025-69337 WordPress Wolmart Core plugin <= 1.9.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Wolmart Core wolmart-core allows Blind SQL Injection.This issue affects Wolmart Core: from n/a through = 1.9.6...
CVE-2025-69366 WordPress Emerce Core plugin <= 1.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Emerce Core emerce-core allows Blind SQL Injection.This issue affects Emerce Core: from n/a through = 1.8...
CVE-2025-69337 WordPress Wolmart Core plugin <= 1.9.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Wolmart Core wolmart-core allows Blind SQL Injection.This issue affects Wolmart Core: from n/a through = 1.9.6...
CVE-2025-69366
CVE-2025-69366 is a confirmed Blind/Unauthenticated SQL Injection in TeconceTheme Emerce Core (WordPress plugin emerce-core) up to version 1.8. Root cause: improper neutralization of SQL elements. Impact: high confidentiality risk and potential data exposure; CVSS 3.1 v3 base score 9.3. Remediati...
CVE-2025-69310 WordPress Woodly Core plugin <= 1.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Woodly Core woodly-core allows Blind SQL Injection.This issue affects Woodly Core: from n/a through = 1.4...
CVE-2025-69308 WordPress Nestbyte Core plugin <= 1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Nestbyte Core nestbyte-core allows Blind SQL Injection.This issue affects Nestbyte Core: from n/a through = 1.2...
CVE-2025-69308 WordPress Nestbyte Core plugin <= 1.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Nestbyte Core nestbyte-core allows Blind SQL Injection.This issue affects Nestbyte Core: from n/a through = 1.2...
CVE-2025-69309 WordPress Saasplate Core plugin <= 1.2.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Saasplate Core saasplate-core allows Blind SQL Injection.This issue affects Saasplate Core: from n/a through = 1.2.8...
CVE-2025-69310
CVE-2025-69310 affects Woodly Core (WordPress Woodly Core plugin) up to version 1.4, with an SQL Injection vulnerability caused by improper neutralization of elements in an SQL command. The issue enables Blind SQL Injection and is rated high (CVSS 3.1: 9.3, AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L). T...
CVE-2025-69304 WordPress Allmart plugin <= 1.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a through = 1.1...
CVE-2025-69304 WordPress Allmart plugin <= 1.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a through = 1.1...
CVE-2025-69305 WordPress Crete Core plugin <= 1.4.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: from n/a through = 1.4.3...
CVE-2025-69305
CVE-2025-69305 is a documented SQL injection affecting WordPress Crete Core plugin versions up to and including 1.4.3, with exploitation described as Blind SQL Injection. The CVE entry is supported by multiple connected sources: NVD/NVD metadata notes Crete Core
CVE-2025-69304
CVE-2025-69304 affects WordPress Allmart plugin (allmart-core) up to version 1.1, with an unauthenticated Blind SQL Injection due to improper neutralization of SQL elements. CVSS 3.1 base score 9.3 (CRITICAL). Connected sources confirm the vulnerability description and affected versions, but do n...
CVE-2025-69306
The CVE-2025-69306 entry concerns WordPress Electio Core (electio-core) plugin versions up to 1.4, with an Unauthenticated SQL Injection vulnerability caused by improper neutralization of SQL commands. Public references indicate the issue affects Electio Core and describe it as Blind SQL Injectio...
CVE-2025-69295 WordPress Coven Core plugin <= 1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Coven Core coven-core allows Blind SQL Injection.This issue affects Coven Core: from n/a through = 1.3...
CVE-2025-69295
CVE-2025-69295 is a Blind SQL Injection vulnerability in the WordPress Coven Core (coven-core) plugin. Affected versions are Coven Core up to 1.3. The root cause is improper neutralization/sanitization of user input before SQL query construction, enabling remote attackers to craft queries that af...