CVE-2025-32681

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through = 1.0.5...

CVE-2025-32558

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ketanajani Duplicate Title Checker duplicate-title-checker allows Blind SQL Injection.This issue affects Duplicate Title Checker: from n/a through = 1.2...

CVE-2025-31565

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Lisandro Martinez WPSmartContracts wp-smart-contracts allows Blind SQL Injection.This issue affects WPSmartContracts: from n/a through = 2.0.12...

CVE-2025-32119

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CardGate CardGate Payments for WooCommerce cardgate allows Blind SQL Injection.This issue affects CardGate Payments for WooCommerce: from n/a through = 3.2.1...

CVE-2025-32547

Cross-Site Request Forgery CSRF vulnerability in gtlwpdev All push notification for WP all-push-notification allows Blind SQL Injection.This issue affects All push notification for WP: from n/a through = 1.5.3...

CVE-2025-32677

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in solwininfotech WP Social Stream Designer social-stream-design allows Blind SQL Injection.This issue affects WP Social Stream Designer: from n/a through = 1.3...

CVE-2025-32681

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through = 1.0.5...

CVE-2025-32603

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in HK WP Online Users Stats wp-online-users-stats allows Blind SQL Injection.This issue affects WP Online Users Stats: from n/a through = 1.0.0...

CVE-2025-32558

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ketanajani Duplicate Title Checker duplicate-title-checker allows Blind SQL Injection.This issue affects Duplicate Title Checker: from n/a through = 1.2...

WordPress plugin WP Online Users Stats SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress plugin Error Log Viewer SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

CVE-2025-32677

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in solwininfotech WP Social Stream Designer social-stream-design allows Blind SQL Injection.This issue affects WP Social Stream Designer: from n/a through = 1.3...

CVE-2025-32547

Cross-Site Request Forgery CSRF vulnerability in gtlwpdev All push notification for WP all-push-notification allows Blind SQL Injection.This issue affects All push notification for WP: from n/a through = 1.5.3...

CVE-2025-32547

CVE-2025-32547 affects the WordPress plugin “All push notification for WP” (versions up to 1.5.3). The issue is described as a CSRF-to-SQL Injection vulnerability with an unpatched status in the public reports. The connected Wordfence post lists this CVE under “All push notification for WP

WordPress plugin WP Social Stream Designer SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

GHSA-8G35-7RMW-7F59 Shopware Vulnerable to Blind SQL-injection in DAL aggregations

Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this...

CVE-2025-32122

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stylemix uListing ulisting allows Blind SQL Injection.This issue affects uListing: from n/a through = 2.2.0...

CVE-2025-32120

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in edanzer Easy Query – WP Query Builder easy-query allows Blind SQL Injection.This issue affects Easy Query – WP Query Builder: from n/a through = 2.0.4...

CVE-2025-31911

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in reputeinfosystems Social Share And Social Locker social-share-and-social-locker-arsocial allows Blind SQL Injection.This issue affects Social Share And Social Locker: from n/a through = 1.4.2...

CVE-2025-32122

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stylemix uListing ulisting allows Blind SQL Injection.This issue affects uListing: from n/a through = 2.2.0...