CVE-2026-39479 WordPress OttoKit plugin <= 1.1.20 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brainstorm Force OttoKit suretriggers allows Blind SQL Injection.This issue affects OttoKit: from n/a through = 1.1.20...

CVE-2026-39466 WordPress Broken Link Checker plugin <= 2.4.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind SQL Injection.This issue affects Broken Link Checker: from n/a through = 2.4.7...

CVE-2026-39466 WordPress Broken Link Checker plugin <= 2.4.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Broken Link Checker broken-link-checker allows Blind SQL Injection.This issue affects Broken Link Checker: from n/a through = 2.4.7...

Multiple vulnerabilities in Movable Type

Overview The Listing Framework of Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. Code injection CWE-94 - CVE-2026-25776 SQL injection CWE-89 - CVE-2026-33088 CVE-2026-25776 Sho Odagiri of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to Six...

CVE-2026-3781 Attendance Manager <= 0.6.2 - Authenticated (Subscriber+) SQL Injection via 'attmgr_off' Parameter

The Attendance Manager plugin for WordPress is vulnerable to SQL Injection via the 'attmgroff' parameter in all versions up to, and including, 0.6.2. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

EUVD-2026-20051

SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...

CVE-2026-24913

SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...

CVE-2026-24913

SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...

CVE-2026-24913

MATCHA INVOICE versions 2.6.6 and earlier are affected by an SQL Injection vulnerability. The flaw allows an authenticated user to obtain or alter data stored in the database through exploitation of unsafely handled input in the application. The description does not specify exact vulnerable compo...

CVE-2026-24913

SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...

EUVD-2026-20033

ASDA-Soft Stack-based Buffer Overflow Vulnerability...

PT-2026-31342

Name of the Vulnerable Software and Affected Versions Red Hat Quay affected versions not specified Description A flaw exists in Red Hat Quay's handling of resumable container image layer uploads. The upload process stores intermediate data in the database in a format that, if manipulated, could...

PT-2026-31452

The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient validation of the $name parameter upload field key passed to the generate user file dirpath function, which uses WordPress's path join — a function...

WordPress plugin Broken Link Checker SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin Advanced Contact form 7 DB 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress plugin User Feedback SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

ICZ MATCHA INVOICE SQL注入漏洞

ICZ MATCHA INVOICE is an invoice management system developed by the Japanese company ICZ. Versions of ICZ MATCHA INVOICE 2.6.6 and earlier contained a SQL injection vulnerability. This vulnerability made the system susceptible to SQL injection attacks, potentially leading to the extraction or...

WordPress plugin OttoKit SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress plugin User Registration & Membership SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

PT-2026-31556

Name of the Vulnerable Software and Affected Versions Simple Laundry System version 1.0 Description A security issue exists in code-projects Simple Laundry System 1.0. Manipulation of the userid argument in the /userchecklogin.php file can lead to SQL injection. This attack can be launched...