4688 matches found
EUVD-2025-205211
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through = 1.10.1...
CVE-2025-68519
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...
CVE-2023-36525
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPJobBoard allows Blind SQL Injection.This issue affects WPJobBoard: from n/a through 5.9.0...
CVE-2023-36525
CVE-2023-36525 affects the WordPress WPJobBoard plugin (vulnerable through 5.9.0). The issue is an unauthenticated SQL Injection caused by improper neutralization of special elements in SQL commands, enabling blind SQL injection. Patchstack confirms the vulnerable versions
CVE-2025-68519 WordPress Brands for WooCommerce plugin <= 3.8.6.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BeRocket Brands for WooCommerce brands-for-woocommerce allows Blind SQL Injection.This issue affects Brands for WooCommerce: from n/a through = 3.8.6.3...
CVE-2025-68496 WordPress User Feedback plugin <= 1.10.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through = 1.10.0...
CVE-2025-68496
CVE-2025-68496 concerns the WordPress WordPress User Feedback plugin (Syed Balkhi) in the historic plugin “userfeedback-lite.” The issue is an SQL Injection vulnerability caused by improper neutralization of special elements in SQL commands, described as a Blind SQL Injection. Impact, as document...
CVE-2025-68550 WordPress WPBulky plugin <= 1.1.13 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VillaTheme WPBulky wpbulky-wp-bulk-edit-post-types allows Blind SQL Injection.This issue affects WPBulky: from n/a through = 1.1.13...
CVE-2025-68550 WordPress WPBulky plugin <= 1.1.13 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VillaTheme WPBulky allows Blind SQL Injection.This issue affects WPBulky: from n/a through 1.1.13...
CVE-2025-14314
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Roxnor PopupKit popup-builder-block allows Blind SQL Injection.This issue affects PopupKit: from n/a through = 2.1.5...
EUVD-2025-204061
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through 3.2.6...
CVE-2025-64371
The CVE-2025-64371 entry concerns the WordPress Traveler theme (Traveler) with a SQL Injection vulnerability in versions prior to 3.2.6. The root cause is improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Affected product/version: WordPress Traveler theme ...
CVE-2025-14314 WordPress PopupKit plugin <= 2.1.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Roxnor PopupKit popup-builder-block allows Blind SQL Injection.This issue affects PopupKit: from n/a through = 2.1.5...
CVE-2025-67950
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through = 4.9.1...
CVE-2025-68054
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...
EUVD-2025-203554
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...
CVE-2025-67950
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Blind SQL Injection.This issue affects All In One SEO Pack: from n/a through = 4.9.1...
CVE-2025-68054 WordPress CountDown With Image or Video Background plugin <= 1.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup CountDown With Image or Video Background countdownwithbackground allows Blind SQL Injection.This issue affects CountDown With Image or Video Background: from n/a through = 1.5...
CVE-2025-68053 WordPress xPromoter plugin <= 1.3.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup xPromoter topbarpromoter allows Blind SQL Injection.This issue affects xPromoter: from n/a through = 1.3.4...
CVE-2025-67999 WordPress Newsletter plugin <= 9.0.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stefano Lissa Newsletter newsletter allows Blind SQL Injection.This issue affects Newsletter: from n/a through = 9.0.9...