CVE-2025-32643

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPGYM allows Blind SQL Injection. This issue affects WPGYM: from n/a through 65.0...

CVE-2025-47567

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Video Player & FullScreen Video Background universal-video-player-and-bg allows Blind SQL Injection.This issue affects Video Player & FullScreen Video Background: from n/a through =...

CVE-2025-39481

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...

CVE-2025-32643

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPGYM allows Blind SQL Injection. This issue affects WPGYM: from n/a through 65.0...

CVE-2025-32643

CVE-2025-32643 affects the WPGYM WordPress Gym Management System plugin. Affected versions up to 65.0 suffer from improper neutralization of special elements in SQL commands, enabling a blind SQL injection. Public sources confirm the vulnerability, with patches available in newer releases (e.g., ...

CVE-2025-39481

CVE-2025-39481 describes a SQL Injection in the WordPress plugin Eventer (imithemes Eventer) via improper neutralization of special elements in SQL commands, enabling Blind SQL Injection. Affected: Eventer versions up to before 3.11.4 (i.e., 3.11.3 and earlier). Impact as per sources is high conf...

PT-2025-21696

Name of the Vulnerable Software and Affected Versions: imithemes Eventer versions 3.9.6 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically Improper Neutralization of Special Elements used in an SQL Command, which allows Blind SQL Injection...

PT-2025-21713 · Unknown · Lambertgroup Video Player & Fullscreen Video Background

Name of the Vulnerable Software and Affected Versions: LambertGroup Video Player & FullScreen Video Background versions 2.4.1 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as SQL Injection. This allows for Blind...

CVE-2025-47587

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce YaySMTP yaysmtp allows Blind SQL Injection.This issue affects YaySMTP: from n/a through = 2.6.4...

CVE-2025-47587

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce YaySMTP yaysmtp allows Blind SQL Injection.This issue affects YaySMTP: from n/a through = 2.6.4...

CVE-2025-47544

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce allows Blind SQL Injection. This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through 4.5.8...

CVE-2025-47544

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Blind SQL Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a throu...

CVE-2025-47587

CVE-2025-47587: WordPress YaySMTP

CVE-2025-47587 WordPress YaySMTP plugin <= 2.6.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in YayCommerce YaySMTP yaysmtp allows Blind SQL Injection.This issue affects YaySMTP: from n/a through = 2.6.4...

CVE-2025-47544

CVE-2025-47544 refers to the WordPress plugin Dynamic Pricing With Discount Rules for WooCommerce (aco-woo-dynamic-pricing) with versions up to 4.5.8 affected by an SQL Injection due to improper neutralization of input. The vulnerability enables blind SQL injection. Remediation per PT security gu...

CVE-2025-2812

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection.This issue affects Ticket Sales Automation: before 03.04.2025 DD.MM.YYYY...

CVE-2025-2812

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection. This issue affects Ticket Sales Automation: before 03.04.2025 DD.MM.YYYY...

CVE-2025-2812 SQLi in Mydata Informatics' Ticket Sales Automation

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mydata Informatics Ticket Sales Automation allows Blind SQL Injection. This issue affects Ticket Sales Automation: before 03.04.2025 DD.MM.YYYY...

CVE-2025-2812

CVE-2025-2812 concerns an SQL Injection in Mydata Informatics’ Ticket Sales Automation. The vulnerability arises from improper neutralization of SQL elements, enabling blind SQL injection in the application (Ticket Sales Automation) prior to 03.04.2025. Documented impact is high: potential data d...

CVE-2025-39566

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Bob Hostel hostel allows Blind SQL Injection.This issue affects Hostel: from n/a through = 1.1.5.6...