CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/02/20 3:47 p.m.•21 views

CVE-2026-24956 WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection.This issue affects Download Manager Addons for Elementor: from n/a through = 1.3.0...

Vulnrichment•added 2026/02/20 3:47 p.m.•3 views

CVE-2026-24956 WordPress Download Manager Addons for Elementor plugin <= 1.3.0 - SQL Injection vulnerability

5.6AI score0.00045EPSS

CVE•added 2026/02/20 3:47 p.m.•9 views

CVE-2026-24956

CVE-2026-24956 is a SQL Injection vulnerability in WordPress plugin “Download Manager Addons for Elementor” (wpdm-elementor) up to and including version 1.3.0. The issue allows unauthenticated blind SQL injection and affects the plugin as used with Elementor, per Patchstack and Red Hat/NVD refere...

CVE•added 2026/02/20 3:46 p.m.•7 views

CVE-2025-69366

CVE-2025-69366 is a confirmed Blind/Unauthenticated SQL Injection in TeconceTheme Emerce Core (WordPress plugin emerce-core) up to version 1.8. Root cause: improper neutralization of SQL elements. Impact: high confidentiality risk and potential data exposure; CVSS 3.1 v3 base score 9.3. Remediati...

Vulnrichment•added 2026/02/20 3:46 p.m.•2 views

CVE-2025-69337 WordPress Wolmart Core plugin <= 1.9.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in don-themes Wolmart Core wolmart-core allows Blind SQL Injection.This issue affects Wolmart Core: from n/a through = 1.9.6...

CVE•added 2026/02/20 3:46 p.m.•8 views

CVE-2025-69337

CVE-2025-69337 corresponds to an SQL Injection vulnerability in the WordPress Wolmart Core plugin (wolmart-core) up to version 1.9.6. The issue is described as a Blind SQL Injection arising from improper neutralization of special elements in SQL commands. Wordfence’s vulnerability feed lists Wolm...

Vulnrichment•added 2026/02/20 3:46 p.m.•3 views

CVE-2025-69366 WordPress Emerce Core plugin <= 1.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Emerce Core emerce-core allows Blind SQL Injection.This issue affects Emerce Core: from n/a through = 1.8...

Cvelist•added 2026/02/20 3:46 p.m.•23 views

CVE-2025-69337 WordPress Wolmart Core plugin <= 1.9.6 - SQL Injection vulnerability

Vulnrichment•added 2026/02/20 3:46 p.m.•2 views

CVE-2025-69309 WordPress Saasplate Core plugin <= 1.2.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Saasplate Core saasplate-core allows Blind SQL Injection.This issue affects Saasplate Core: from n/a through = 1.2.8...

Cvelist•added 2026/02/20 3:46 p.m.•18 views

CVE-2025-69310 WordPress Woodly Core plugin <= 1.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Woodly Core woodly-core allows Blind SQL Injection.This issue affects Woodly Core: from n/a through = 1.4...

CVE•added 2026/02/20 3:46 p.m.•7 views

CVE-2025-69310

CVE-2025-69310 affects Woodly Core (WordPress Woodly Core plugin) up to version 1.4, with an SQL Injection vulnerability caused by improper neutralization of elements in an SQL command. The issue enables Blind SQL Injection and is rated high (CVSS 3.1: 9.3, AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L). T...

Vulnrichment•added 2026/02/20 3:46 p.m.•3 views

CVE-2025-69308 WordPress Nestbyte Core plugin <= 1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Nestbyte Core nestbyte-core allows Blind SQL Injection.This issue affects Nestbyte Core: from n/a through = 1.2...

9.3CVSS5.6AI score0.00045EPSS

Cvelist•added 2026/02/20 3:46 p.m.•18 views

CVE-2025-69308 WordPress Nestbyte Core plugin <= 1.2 - SQL Injection vulnerability

CVE•added 2026/02/20 3:46 p.m.•6 views

CVE-2025-69305

CVE-2025-69305 is a documented SQL injection affecting WordPress Crete Core plugin versions up to and including 1.4.3, with exploitation described as Blind SQL Injection. The CVE entry is supported by multiple connected sources: NVD/NVD metadata notes Crete Core

CVE•added 2026/02/20 3:46 p.m.•6 views

CVE-2025-69306

The CVE-2025-69306 entry concerns WordPress Electio Core (electio-core) plugin versions up to 1.4, with an Unauthenticated SQL Injection vulnerability caused by improper neutralization of SQL commands. Public references indicate the issue affects Electio Core and describe it as Blind SQL Injectio...

CVE•added 2026/02/20 3:46 p.m.•7 views

CVE-2025-69304

CVE-2025-69304 affects WordPress Allmart plugin (allmart-core) up to version 1.1, with an unauthenticated Blind SQL Injection due to improper neutralization of SQL elements. CVSS 3.1 base score 9.3 (CRITICAL). Connected sources confirm the vulnerability description and affected versions, but do n...

Vulnrichment•added 2026/02/20 3:46 p.m.•3 views

CVE-2025-69305 WordPress Crete Core plugin <= 1.4.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Crete Core crete-core allows Blind SQL Injection.This issue affects Crete Core: from n/a through = 1.4.3...

Cvelist•added 2026/02/20 3:46 p.m.•18 views

CVE-2025-69304 WordPress Allmart plugin <= 1.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in TeconceTheme Allmart allmart-core allows Blind SQL Injection.This issue affects Allmart: from n/a through = 1.1...