5 matches found
EUVD-2025-200190
The db-access WordPress plugin through 0.8.7 does not have authorization in an AJAX action, allowing any authenticated users, such as subscriber to perform SQLI attacks...
CVE-2025-13000
The db-access WordPress plugin through 0.8.7 does not have authorization in an AJAX action, allowing any authenticated users, such as subscriber to perform SQLI attacks...
CVE-2025-13000 DB Access <= 0.8.7 - Subscriber+ SQLi
The db-access WordPress plugin through 0.8.7 does not have authorization in an AJAX action, allowing any authenticated users, such as subscriber to perform SQLI attacks...
WordPress plugin db-access 安全漏洞
WordPress db-access is the core part of the WordPress system that interacts with the database. WordPress db-access exists SQL injection vulnerability, the vulnerability stems from the lack of authorization for AJAX operations, an attacker can use this vulnerability by sending malicious SQL comman...
CVE-2020-35202
Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS...