4663 matches found
CVE-2025-23931 WordPress WordPress Local SEO plugin <= 2.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oliver Fuhrmann WordPress Local SEO dh-local-seo allows Blind SQL Injection. This issue affects WordPress Local SEO: from n/a through <= 2.3...
CVE-2025-22710
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce allows Blind SQL Injection. This issue affects Smart Manager: from n/a through <= 8.52.0...
Exploit for CVE-2025-22710
CVE-2025-22710 1️⃣ Component type WordPress plugin 2️...
CVE-2023-37931
The CVE corresponds to a Fortinet FortiVoice Enterprise SQL injection, where improper neutralization of SQL elements enables a blind SQLi via crafted HTTP/HTTPS requests. Affected: FortiVoice Enterprise 7.0.0–7.0.1 and older than 6.4.8. Impact: authenticated attacker can perform a blind SQL injecti...
CVE-2025-21628
CVE-2025-21628 affects Chatwoot (conversation and contact filters endpoints). Before version 3.16.0, user-provided query_operator input was not sanitized, enabling an authenticated actor to inject arbitrary SQL into the filter query (tautological WHERE clause). Impact is mitigated by upgrading to...
CVE-2025-22540
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection. This issue affects Emailing Subscription: from n/a through <= 1.4.1...
CVE-2025-22542 WordPress Virtual Bot Plugin <= 1.0.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ofek Nakar Virtual Bot allows Blind SQL Injection. This issue affects Virtual Bot: from n/a through 1.0.0...
CVE-2025-22542 WordPress Virtual Bot Plugin <= 1.0.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ofek Nakar Virtual Bot virtual-bot allows Blind SQL Injection. This issue affects Virtual Bot: from n/a through <= 1.0.0...
CVE-2025-22352
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes elex-bulk-edit-products-prices-attributes-for-woocommerce-basic allows Blind SQL Injection. This issue affects ELEX...
CVE-2025-22347
Cross-Site Request Forgery (CSRF) vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection. This issue affects BSK Forms Blacklist: from n/a through <= 3.9...
CVE-2024-51715 WordPress ClickWhale plugin <= 2.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale clickwhale allows Blind SQL Injection. This issue affects ClickWhale: from n/a through <= 2.4.1...
CVE-2025-22348
CVE-2025-22348 corresponds to a SQL Injection vulnerability in the WordPress DynamicTags plugin (versions n/a through 1.4.0). Multiple connected sources describe an improper neutralization of special elements used in SQL commands (SQLi), leading to blind SQL injection. Affected component is the D...
CVE-2025-22348 WordPress DynamicTags plugin <= 1.4.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in rtowebsites DynamicTags dynamictags allows Blind SQL Injection. This issue affects DynamicTags: from n/a through <= 1.4.0...
PT-2025-4461 · Unknown · Bsk Forms Blacklist
Name of the Vulnerable Software and Affected Versions: BSK Forms Blacklist versions n/a through 3.9. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that allows Blind SQL Injection. This means an attacker can trick a user into performing unintended actions on a...
Exploit for CVE-2025-22352
1️⃣ Component type WordPress plugin 2️⃣ Component details...
CVE-2024-56801
Tasklists provides plugin tasklists for GLPI. Versions prior to 2.0.4 have a blind SQL injection vulnerability. Version 2.0.4 contains a patch for the vulnerability...
CVE-2024-56801
Tasklists for GLPI has a blind SQL injection vulnerability in versions prior to 2.0.4, fixed by the 2.0.4 patch. Some sources indicate the issue affects the /ajax/reorder.php endpoint. The CVE documents high impact (per CVSS data) but no exploit details are provided in the connected documents. Re...
CVE-2024-56801 Tasklists has Blind SQL Injection in /ajax/reorder.php
Tasklists provides plugin tasklists for GLPI. Versions prior to 2.0.4 have a blind SQL injection vulnerability. Version 2.0.4 contains a patch for the vulnerability...