
4662 matches found

CVE
added 2025/02/25 2:17 p.m., 59 views

CVE-2025-26946

CVE-2025-26946 refers to a SQL injection vulnerability in the WordPress plugin WP Yelp Review Slider. Connected sources corroborate that the issue affects WP Yelp Review Slider up to version 8.1 and is exploitable by an authenticated administrator. The vulnerability is described as an SQL injecti...

CVSS 7.6 | AI score 7.3 | EPSS 0.00058
Exploits: 0 | References: 1
Positive Technologies
added 2025/02/25 12:00 a.m., 2 views

PT-2025-7858

Name of the Vulnerable Software and Affected Versions: Jürgen Müller Easy Quotes versions 1.2.2 and earlier. Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command...

CVSS 9.3 | AI score 7.6 | EPSS 0.00052
Exploits: 0 | References: 5
NVD
added 2025/02/24 3:15 p.m., 5 views

CVE-2025-27297

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in guelben Bravo Search & Replace bravo-search-and-replace allows Blind SQL Injection. This issue affects Bravo Search & Replace: from n/a through <= 1.0...

CVSS 7.6 | EPSS 0.00184
Exploits: 0 | References: 1
CVE
added 2025/02/24 2:48 p.m., 60 views

CVE-2025-27297

CVE-2025-27297 affects the WordPress Bravo Search & Replace plugin (versions

CVSS 7.6 | AI score 7.3 | EPSS 0.00184
Exploits: 0 | References: 1
Cvelist
added 2025/02/24 2:48 p.m., 12 views

CVE-2025-27297 WordPress Bravo Search & Replace Plugin <= 1.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in guelben Bravo Search & Replace bravo-search-and-replace allows Blind SQL Injection. This issue affects Bravo Search & Replace: from n/a through <= 1.0...

CVSS 7.6 | EPSS 0.00184
Exploits: 0 | References: 1
NVD
added 2025/02/18 8:15 p.m., 7 views

CVE-2025-22639

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Techspawn Distance Rate Shipping for WooCommerce distance-rate-shipping-for-woocommerce-pro allows Blind SQL Injection. This issue affects Distance Rate Shipping for WooCommerce: from n/a through =...

CVSS 8.5 | EPSS 0.0007
Exploits: 0 | References: 1
CVE
added 2025/02/18 7:54 p.m., 61 views

CVE-2025-22639

CVE-2025-22639 pertains to the WordPress plugin Distance Rate Shipping for WooCommerce (

CVSS 8.5 | AI score 7.3 | EPSS 0.0007
Exploits: 0 | References: 1
NVD
added 2025/02/16 11:15 p.m., 13 views

CVE-2025-26755

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in jgwhite33 WP Airbnb Review Slider wp-airbnb-review-slider allows Blind SQL Injection. This issue affects WP Airbnb Review Slider: from n/a through <= 3.9...

CVSS 7.6 | EPSS 0.00058
Exploits: 0 | References: 1
CVE
added 2025/02/16 10:17 p.m., 67 views

CVE-2025-26755

CVE-2025-26755 concerns the WordPress plugin WP Airbnb Review Slider. The vulnerability is an SQL Injection due to improper neutralization of input in the plugin, allowing Blind SQL Injection on versions

CVSS 7.6 | AI score 7.3 | EPSS 0.00058
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/09 10:18 a.m., 5 views

CVE-2025-25116

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in sudipto Link to URL / Post link-to-url-post allows Blind SQL Injection. This issue affects Link to URL / Post: from n/a through <= 1.3...

CVSS 7.6 | AI score 7.3 | EPSS 0.00058
Exploits: 0 | References: 1
CVE
added 2025/02/07 10:11 a.m., 59 views

CVE-2025-25116

CVE-2025-25116 affects the WordPress plugin Link to URL / Post (versions n/a through 1.3). Root cause: Improper Neutralization of Special Elements used in an SQL Command, enabling Blind SQL Injection. Impact aligns with CVSS v3.1: High overall (7.6), with confidentiality impact High and availabil...

CVSS 7.6 | AI score 7.3 | EPSS 0.00058
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/06 2:33 a.m., 11 views

CVE-2025-24587

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nks Email Subscription Popup email-subscribe allows Blind SQL Injection. This issue affects Email Subscription Popup: from n/a through <= 1.2.23...

CVSS 7.6 | AI score 7.4 | EPSS 0.11921
Exploits: 1 | References: 1
RedhatCVE
added 2025/02/06 2:28 a.m., 5 views

CVE-2025-22347

Cross-Site Request Forgery CSRF vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection. This issue affects BSK Forms Blacklist: from n/a through <= 3.9...

CVSS 8.2 | AI score 7.3 | EPSS 0.0011
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 11:06 p.m., 7 views

CVE-2022-1376

Delta Electronics DIAEnergie, all versions prior to 1.8.02.004, has a blind SQL injection vulnerability in DIAEprivgrpHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVSS 10 | AI score 7.8 | EPSS 0.0027
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 10:58 p.m., 9 views

CVE-2022-1258

A blind SQL injection vulnerability in the ePolicy Orchestrator ePO extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server...

CVSS 8.4 | AI score 7.8 | EPSS 0.00241
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 10:57 p.m., 6 views

CVE-2022-1375

Delta Electronics DIAEnergie, all versions prior to 1.8.02.004, has a blind SQL injection vulnerability in DIAEslogHandler.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVSS 10 | AI score 7.8 | EPSS 0.0027
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 10:57 p.m., 4 views

CVE-2022-1366

Delta Electronics DIAEnergie, all versions prior to 1.8.02.004, has a blind SQL injection vulnerability in HandlerChart.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVSS 10 | AI score 7.8 | EPSS 0.00316
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 10:55 p.m., 10 views

CVE-2022-1371

Delta Electronics DIAEnergie, all versions prior to 1.8.02.004, has a blind SQL injection vulnerability in ReadRegf. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands...

CVSS 10 | AI score 7.8 | EPSS 0.0027
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 6:48 a.m., 4 views

CVE-2024-50332

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Insufficient input value validation causes Blind SQL injection in DeleteRelationShip. This issue has been addressed in versions 7.14.6 and 8.7.1. Users are advised to upgrade. There are no know...

CVSS 8.8 | AI score 7.8 | EPSS 0.00159
Exploits: 0 | References: 1
RedhatCVE
added 2025/02/05 6:47 a.m., 2 views

CVE-2024-50479

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in chenyenming Woocommerce Quote Calculator woo-quote-calculator-order allows Blind SQL Injection. This issue affects Woocommerce Quote Calculator: from n/a through <= 1.1...

CVSS 9.8 | AI score 5.9 | EPSS 0.00401
Exploits: 0 | References: 1