CVE-2024-48043

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Blind SQL Injection.This issue affects ShortPixel Image Optimizer: from n/a through = 5.6.3...

CVE-2024-8924

ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners...

CVE-2024-53807

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through = 1.8.16.0...

CVE-2024-53793

Cross-Site Request Forgery CSRF vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows Blind SQL Injection.This issue affects eDoc Easy Tables: from n/a through = 1.29...

CVE-2024-53817

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in acowebs Product Labels For Woocommerce aco-product-labels-for-woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through = 1.5.8...

CVE-2025-24728

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yannick Lefebvre Bug Library bug-library allows Blind SQL Injection.This issue affects Bug Library: from n/a through = 2.1.4...

CVE-2025-24587

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nks Email Subscription Popup email-subscribe allows Blind SQL Injection.This issue affects Email Subscription Popup: from n/a through = 1.2.23...

CVE-2025-23931

CVE-2025-23931 is a SQL Injection vulnerability affecting WordPress Local SEO (WordPress Local SEO plugin) up to version 2.3. The issue stems from improper neutralization of input in SQL commands, enabling Blind SQL Injection. Public references show the CVE-2025-23931 entry, with an explicit affe...

CVE-2025-23931 WordPress WordPress Local SEO plugin <= 2.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliver Fuhrmann WordPress Local SEO dh-local-seo allows Blind SQL Injection.This issue affects WordPress Local SEO: from n/a through = 2.3...

CVE-2025-23931 WordPress WordPress Local SEO plugin <= 2.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oliver Fuhrmann WordPress Local SEO dh-local-seo allows Blind SQL Injection.This issue affects WordPress Local SEO: from n/a through = 2.3...

CVE-2025-22710

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce allows Blind SQL Injection.This issue affects Smart Manager: from n/a through = 8.52.0...

Exploit for CVE-2025-22710

CVE-2025-22710 1️⃣ Component type WordPress plugin 2️...

CVE-2023-37931

The CVE corresponds to Fortinet FortiVoice Entreprise SQL injection, where improper neutralization of SQL elements enables a blind SQLi via crafted HTTP/HTTPS requests. Affected: FortiVoice Entreprise 7.0.0–7.0.1 and older than 6.4.8. Impact: authenticated attacker can perform a blind SQL injecti...

CVE-2025-21628

CVE-2025-21628 affects Chatwoot (conversation and contact filters endpoints). Before version 3.16.0, user-provided query_operator input was not sanitized, enabling an authenticated actor to inject arbitrary SQL into the filter query (tautological WHERE clause). Impact is mitigated by upgrading to...

CVE-2025-22540

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through = 1.4.1...

CVE-2025-22542 WordPress Virtual Bot Plugin <= 1.0.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ofek Nakar Virtual Bot virtual-bot allows Blind SQL Injection.This issue affects Virtual Bot: from n/a through = 1.0.0...

CVE-2025-22542 WordPress Virtual Bot Plugin <= 1.0.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ofek Nakar Virtual Bot allows Blind SQL Injection.This issue affects Virtual Bot: from n/a through 1.0.0...

CVE-2025-22352

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes elex-bulk-edit-products-prices-attributes-for-woocommerce-basic allows Blind SQL Injection.This issue affects ELEX...

CVE-2025-22347

Cross-Site Request Forgery CSRF vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through = 3.9...

CVE-2024-51715 WordPress ClickWhale plugin <= 2.4.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ClickWhale ClickWhale clickwhale allows Blind SQL Injection.This issue affects ClickWhale: from n/a through = 2.4.1...